Add second user account
Implement "jeff" account with password and allow SSH access. This account is password protected, requiring a change to the SSH config file to allow passwords. Note that when possible, passwords should NOT be permitted for SSH access.
This commit is contained in:
parent
e719842645
commit
bd29aec75b
1 changed files with 11 additions and 2 deletions
|
@ -1,6 +1,7 @@
|
||||||
# USERS
|
# USERS
|
||||||
|
# atomaka, with SSH key
|
||||||
user { 'atomaka':
|
user { 'atomaka':
|
||||||
ensure => 'present',
|
ensure => present,
|
||||||
groups => ['sudo'],
|
groups => ['sudo'],
|
||||||
managehome => true,
|
managehome => true,
|
||||||
shell => '/bin/zsh',
|
shell => '/bin/zsh',
|
||||||
|
@ -21,6 +22,13 @@ file { '/home/atomaka/.ssh/authorized_keys':
|
||||||
content => file('/tmp/puppet/files/keys/atomaka'),
|
content => file('/tmp/puppet/files/keys/atomaka'),
|
||||||
require => File['/home/atomaka/.ssh'],
|
require => File['/home/atomaka/.ssh'],
|
||||||
}
|
}
|
||||||
|
# jeff, with password
|
||||||
|
user { 'jeff':
|
||||||
|
ensure => present,
|
||||||
|
managehome => true,
|
||||||
|
shell => '/bin/bash',
|
||||||
|
password => '$6$.AURF9sE09Q$..S10CFY7G.AVXzSW//w6GoV6yPzBzdvyUl8a7oyYbW/XzBU.o6AdHxTgTkCSWb64zmN3QoKovoUyLJhE/MFP/'
|
||||||
|
}
|
||||||
|
|
||||||
# PACKAGES
|
# PACKAGES
|
||||||
package { 'mosh': }
|
package { 'mosh': }
|
||||||
|
@ -38,8 +46,9 @@ class { 'apache': }
|
||||||
# CONFIGURATIONS
|
# CONFIGURATIONS
|
||||||
ssh::server::configline { 'Port': value => '22984' }
|
ssh::server::configline { 'Port': value => '22984' }
|
||||||
ssh::server::configline { 'PermitRootLogin': value => 'no' }
|
ssh::server::configline { 'PermitRootLogin': value => 'no' }
|
||||||
ssh::server::configline { 'PasswordAuthentication': value => 'no' }
|
ssh::server::configline { 'PasswordAuthentication': value => 'yes' }
|
||||||
ssh::server::configline { 'AllowUsers/1': value => 'atomaka' }
|
ssh::server::configline { 'AllowUsers/1': value => 'atomaka' }
|
||||||
|
ssh::server::configline { 'AllowUsers/2': value => 'jeff' }
|
||||||
|
|
||||||
sudo::conf { 'sudo':
|
sudo::conf { 'sudo':
|
||||||
priority => 10,
|
priority => 10,
|
||||||
|
|
Loading…
Reference in a new issue