Add publickey on user creation
Add publickey on user creation
Hi all,
I started using VestaCP today, and I was missing a feature to add a public key on user-creation. So I made the following modification:
web/templates/add_user.html
https://gist.github.com/Rubatharisan/24 ... 08c8eeff82
Line: 75-84
web/add/user/index.php
https://gist.github.com/Rubatharisan/e7 ... c839475df8
Line: 26 (not a must)
Line: 58, 66, 104
bin/v-add-user
https://gist.github.com/Rubatharisan/8f ... 1fcc0083ce
Line: 19, 77-78
This is far from done, but I would like to know, if I can do this? (I tested it, and it works - but is there something I should take in mind, before continuing)
I started using VestaCP today, and I was missing a feature to add a public key on user-creation. So I made the following modification:
web/templates/add_user.html
https://gist.github.com/Rubatharisan/24 ... 08c8eeff82
Line: 75-84
web/add/user/index.php
https://gist.github.com/Rubatharisan/e7 ... c839475df8
Line: 26 (not a must)
Line: 58, 66, 104
bin/v-add-user
https://gist.github.com/Rubatharisan/8f ... 1fcc0083ce
Line: 19, 77-78
This is far from done, but I would like to know, if I can do this? (I tested it, and it works - but is there something I should take in mind, before continuing)
Re: Add publickey on user creation
But from code it's ssh keys, correct?
Re: Add publickey on user creation
How to change key for user, if they are compromised or there is a need to change?but is there something I should take in mind, before continuing
Re: Add publickey on user creation
Correctskurudo wrote:But from code it's ssh keys, correct?
This should be possible to do from user_edit page, but right now I am thinking that it should be possible to add multiple public keys, to one user. So I am trying to figure out the best way to do this. (People can have multiple computers, that needs to be able to connect to a server)skurudo wrote:How to change key for user, if they are compromised or there is a need to change?but is there something I should take in mind, before continuing
Somehow, this should be done by looking at ~/.ssh/authorized_keys for current keys. Maybe just a text area at edit user template, that simply loads the ~/.ssh/authorized_keys.
I am also thinking about making the ~/.ssh/authorized_keys only writeable by root user (or admin), incase a users private key is comprised, the compromiser won't able to add a new key.
This indeed needs more planning, but I wanted to test, if it was possible at all - but as far as I got, I feel it is. Wonderful way VestaCP is code-wisely organised.
Re: Add publickey on user creation
One more or two cases:Rubas wrote: This should be possible to do from user_edit page, but right now I am thinking that it should be possible to add multiple public keys, to one user. So I am trying to figure out the best way to do this. (People can have multiple computers, that needs to be able to connect to a server)
Keys must be changed, when we do Rebuild user and if it's old user without key. Right?
And question, tricky one:
- if user has nologin in bash, we make him key anyway?
Re: Add publickey on user creation
What do you mean by changed? And what does happen when we do Rebuild user?skurudo wrote: One more or two cases:
Keys must be changed, when we do Rebuild user and if it's old user without key. Right?
It should be optional to use public key, but if you use public key, password could be disabled (so it is only possible to login via public key).
It should be optional to input a key, but we shouldn't input a key if user has nologin in bash. Right?skurudo wrote: And question, tricky one:
- if user has nologin in bash, we make him key anyway?