Comments (5)
gitbls
commented on September 7, 2024
Not only does sdm look cool, it is cool. 😎 Thanks for checking it out!
There is definitely a way to add a user with no password and their SSH key, but this capability is not magically built into sdm. You'll need to do a small bit of work yourself.
Here's how I'd do it:
- use the
userplugin to add the user, but don't specify a password. You'll definitely want to use these keywords:adduserandhomeddir. Others would depend on how you want to configure the user account - (this is the slightly more complex part) Copy the file /usr/local/sdm/plugins/sdm-plugin-template` to your directory somewhere, and modify it. Modify it to add the following:
# Add this code in Phase 0
cp /path/to/authorized_keys $SDMPT/etc/sdm/assets/username-authorized_keys
In the above, best to replace username by the actual username you're going to use, for your own sanity, but that's up to you.
# Add this code in Phase 1
mkdir -p /home/username/.ssh
cp /etc/sdm/assets/username-authorized_keys /home/username/.ssh/authorized_keys
chown -R username:users /home/usern`ame/.ssh
chmod 700 /home/username/.ssh
chmod 600 /home/username/.ssh/authorized_keys
Same comment on username as the code in Phase 0. The string used in Phase 0 and Phase 1 must be identical.
When the plugin is called during Phase 0, the user's authorized_keys file will be copied from your local system into the IMG for later use. The string $SDMPT points to the IMG during Phase 0.
When the plugin is called during Phase 1 the local system disk is not directly accessible (which is why we copied it during Phase 0), so the code run in Phase 1 will create the user's .ssh directory, copy the stashed authorized_keys file into the proper location, and then set the correct file owner and protection. $SDMPT isn't needed during Phase 1, but you can add it if you prefer (it is defined as the empty string during Phase 1).
On the command line use --plugin user:adduser=username --plugin /path/to/myplugin. The user plugin must be specified before the plugin you just created.
user plugin documentation: https://github.com/gitbls/sdm/blob/master/Docs/Plugins.md#user
Building your own plugin documentation: https://github.com/gitbls/sdm/blob/master/Docs/Programming-Plugins-and-Custom-Phase-Scripts.md
If you run into problems you aren't able to resolve, please include the source to the plugin you created, as well as the exact command line you're using, and the contents of /etc/sdm/history from inside the customized IMG.
from sdm.
maxstrobel
commented on September 7, 2024
Why not simply use the mkdir & copyfile commands?
sudo sdm \
...
--plugin mkdir:"dir=/home/<username>/.ssh|chown=<username>:<username>|chmod=700" \
--plugin copyfile:"from=authorized_keys|to=/home/<username>/.ssh|chown=<username>:<username>|chmod=600|mkdirif" \
...from sdm.
gitbls
commented on September 7, 2024
Why not simply use the mkdir & copyfile commands?
sudo sdm \ ... --plugin mkdir:"dir=/home/<username>/.ssh|chown=<username>:<username>|chmod=700" \ --plugin copyfile:"from=authorized_keys|to=/home/<username>/.ssh|chown=<username>:<username>|chmod=600|mkdirif" \ ...
Indeed, this should work as well and is a much better approach.
I'll plead "traveling and obviously distracted" 😑
from sdm.
torntrousers
commented on September 7, 2024
thanks both!
from sdm.
gitbls
commented on September 7, 2024
No activity so closing issue.
from sdm.
Related Issues (20)
- Multiline plugin notes HOT 2
- Dump kernel image and DBT HOT 2
- More complex settings (pi ups) HOT 2
- Boot from nvme? HOT 2
- Hyphens and underscores in hostname HOT 4
- Error with --1piboot option HOT 1
- `invalid user` when using chown with custom user HOT 8
- Multiple sdm customize runs HOT 8
- Are plugin arguments robust to whitespace? HOT 15
- Can't set wifi ssid and password in the burn phase HOT 4
- Specify wlan1 instead of wlan0? HOT 3
- Get Luks key from OTP? HOT 1
- Installing on Fedora / Arch? HOT 3
- Network plugin fails to add wifi if nmconnections manually added previously HOT 5
- Example of installing SyncThing through SDM? HOT 21
- System don't boot after encryption - /dev/mapper/cryptroot does not exist HOT 14
- How to best update sdm? HOT 3
- apt returned an error; review /etc/sdm/apt.log --> /etc/sdm/apt.log does not exist HOT 10
- Steps to install zerotier using sdm HOT 9
- Additional configuration of (user-specific) ssh HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sdm.