-
Notifications
You must be signed in to change notification settings - Fork 1
/
install.sh
47 lines (35 loc) · 1.26 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#!/bin/bash
sshdConfig="/etc/ssh/sshd_config"
tmpdir=`mktemp -d`
cd $tmpdir
if [ -f /etc/lsb-release ]; then
sudo apt-get update
sudo apt-get install -y git
else
sudo yum update
sudo yum install -y git
fi
git clone https://github.com/articulate/aws-iam-ssh-auth.git
cd $tmpdir/aws-iam-ssh-auth
cp authorized_keys_command.sh /opt/authorized_keys_command.sh
chmod +x /opt/authorized_keys_command.sh
cp import_users.sh /opt/import_users.sh
chmod +x /opt/import_users.sh
if ! grep -q ^AuthorizedKeysCommand $sshdConfig; then
if [ -f /etc/lsb-release ]; then
echo "AuthorizedKeysCommand /opt/authorized_keys_command.sh" >> $sshdConfig
echo "AuthorizedKeysCommandUser nobody" >> $sshdConfig
else
sed -i 's:#AuthorizedKeysCommand none:AuthorizedKeysCommand /opt/authorized_keys_command.sh:g' $sshdConfig
sed -i 's:#AuthorizedKeysCommandUser nobody:AuthorizedKeysCommandUser nobody:g' $sshdConfig
fi
fi
echo "@reboot root /opt/import_users.sh > /var/log/import-users.log 2>&1" > /etc/cron.d/import_users
echo "*/10 * * * * root /opt/import_users.sh > /var/log/import-users.log 2>&1" >> /etc/cron.d/import_users
chmod 0644 /etc/cron.d/import_users
/opt/import_users.sh
if [ -f /etc/lsb-release ]; then
service ssh restart
else
service sshd restart
fi