[Rack] hi! (introductory message)

Jonathan Lassoff jof at thejof.com
Thu May 23 19:57:41 UTC 2013 

On Thu, May 23, 2013 at 11:42 AM, Leif Ryge <leif at synthesize.us> wrote:
> On Thu, May 23, 2013 at 09:47:46AM -0700, Jonathan Lassoff wrote:
>> Looks like someone already added your account, can you login?
>>
>>
>> It got a a bit flubbed setting your password file as being readable
>> only by you, though. Let me know if you want to change it.
>>
>> jof at pony ~ % ls -l ~bleak
>> total 4
>> -rw-rw-r-- 1 bleak bleak 33 May 22 17:07 password
>> jof at pony ~ % sudo chmod 0400 ~bleak/password
>> [sudo] password for jof:
>> jof at pony ~ % ls -l ~bleak
>> total 4
>> -r-------- 1 bleak bleak 33 May 22 17:07 password
>>
>> /var/log/auth.log:May 22 17:06:23 pony useradd[8864]: new user:
>> name=bleak, UID=1108, GID=1108, home=/home/bleak, shell=/bin/bash
>> /var/log/auth.log:May 22 17:07:00 pony passwd[8874]:
>> pam_unix(passwd:chauthtok): password changed for bleak
>> /var/log/auth.log:May 22 17:07:01 pony chfn[8929]: changed user
>> 'bleak' information
>> /var/log/auth.log:May 22 17:07:34 pony su[8940]: Successful su for bleak by root
>> /var/log/auth.log:May 22 17:07:34 pony su[8940]: + /dev/pts/2 root:bleak
>> /var/log/auth.log:May 22 17:07:34 pony su[8940]: pam_unix(su:session):
>> session opened for user bleak by leif(uid=0)
>>
>> Leif?
>>
>> --j
>
> Sorry about neglecting to respond to rack that I'd created the account,
> and for neglecting to chmod the password. Is there a script others use
> for creating that file? I've been doing it manually and forgetting a
> step, apparently. I just checked, and I've done that on 5 other
> accounts. Ooops! (BTW, for people reading along at home, passwords on
> pony accounts are mostly only used for sudo apt-get; ssh logins require
> public key authentication. The convention when creating an account on
> pony is to set a random password and write it to ~/password.)

No worries, just thought I'd point it out.
Indeed, the password is just to sudo, and for normal users they can
only apt-get stuff.

Yeah... I've been doing it manually as well. I'm not sure there is a
script, though we probably ought to make one considering how often we
do it.

I've been doing something like:

sudo useradd jof
sudo touch ~jof/password
sudo chmod 0400 ~jof/password
[ pwgen -s 35 1 ] on my local machine, copy-to-clipboard
sudo sh -c 'cat > ~jof/password <<EOF'
[ paste ]
EOF
sudo mkdir -p ~jof/.ssh
sudo chmod 0755 ~jof/.ssh
sudo touch ~jof/.ssh/authorized_keys
sudo chmod 0644 ~jof/.ssh/authorized_keys
sudo sh -c 'cat > ~jof/.ssh/authorized_keys <<EOF'
[ paste key from wiki ]
EOF


Cheers,
jof

More information about the Rack mailing list