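#!/bin/bash
#
# Manage SFTP users for customers
#
# Author: Dong Guo
# Last modified: 2013/09/06 by Dong Guo
#
# Install, as in the original walkthrough:
#   $ sudo vim sftpusers.sh        # paste this script
#   $ sudo chmod +x sftpusers.sh
#
# Usage: sftpusers.sh {create|disable|enable|passwd|sshkey|delete} {username}
#
# Layout kept by this script: every account lives in $homedir/<username>,
# which is owned by root:root with mode 755; only the .ssh directory inside it
# belongs to the user. (Presumably this is so the home can serve as an sshd
# ChrootDirectory -- confirm against the server's sshd_config.)
#
# NOTE(review): the published listing had its letter case and spacing mangled
# and the numeric modes of the two chmod calls on .ssh were lost. Commands and
# flags below are restored to their lower-case forms; 700 (.ssh) and 600
# (authorized_keys) are the permissions sshd's StrictModes check expects.

userfile=/etc/passwd
groupfile=/etc/group
homedir=/home/sftp
loginshell=/sbin/nologin
groupname=sftpusers
username=${2:-}

# Print a message on stderr and stop with a failing status, so that callers
# and wrappers can tell an aborted operation from a successful one.
function die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Abort unless running as root (useradd/passwd/userdel need it).
function check_root() {
  if [ "$EUID" -ne 0 ]; then
    echo "This script must be run as root" 1>&2
    exit 1
  fi
}

# Print help messages then exit.
function print_help() {
  echo "Usage: $0 {create|disable|enable|passwd|sshkey|delete} {username}" >&2
  exit 1
}

# $username becomes part of filesystem paths and of the command lines of
# useradd/passwd/userdel, all executed as root. Accept only plain account
# names so the value can never be read as an option (leading "-") or walk out
# of $homedir ("/", "..").
function check_username_valid() {
  local pattern='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
  if [[ ! "$username" =~ $pattern ]]; then
    die "Invalid username: use letters, digits, '_', '.' and '-' only, not starting with '.' or '-'."
  fi
}

# Succeeds when $1 is an exact entry in the first field of file $2.
# -F -x compares whole lines literally: a word/regex match would treat
# "bob" as present when only "bob-backup" exists.
function name_listed() {
  cut -d: -f1 "$2" | grep -Fxq -- "$1"
}

# Create usergroup if not exist.
function check_usergroup() {
  if ! name_listed "$groupname" "$groupfile"; then
    groupadd "$groupname" || die "Cannot create group $groupname."
  fi
}

# Create homedir if not exist.
function check_homedir() {
  if [ ! -d "$homedir" ]; then
    mkdir -- "$homedir" || die "Cannot create $homedir."
  fi
}

# Abort if the user already exists (used by "create").
function check_username_exist() {
  if name_listed "$username" "$userfile"; then
    die "User $username already exist."
  fi
}

# Abort if the user does not exist (used by every other action).
function check_username_notexist() {
  if ! name_listed "$username" "$userfile"; then
    die "User $username not exist."
  fi
}

# Abort if the user was disabled by this script (marker file present).
function check_user_disabled() {
  local lockfile=$homedir/$username/sftpuser.locked
  if [ -e "$lockfile" ]; then
    die "User $username already disabled."
  fi
}

# Read one public key from stdin and install it as the user's only
# authorized key. Returns the status of the final ownership change.
function update_sshkey() {
  local sshkey userhome sshdir tmpfile
  userhome=$homedir/$username
  sshdir=$userhome/.ssh

  # Get the sshkey
  echo -n "Input sshkey: "
  read -r sshkey

  # Check if sshkey is empty
  if [ -z "$sshkey" ]; then
    die "Empty sshkey."
  fi

  # Check if sshkey not correct: it must start with a key type followed by the
  # key data. Requiring the type first also refuses authorized_keys option
  # prefixes. ssh-dss is still accepted because the original script accepted
  # it, but current OpenSSH releases disable DSA keys by default, so sshd may
  # ignore such a key.
  case "$sshkey" in
    ssh-ed25519\ * | ecdsa-sha2-nistp256\ * | ecdsa-sha2-nistp384\ * | \
      ecdsa-sha2-nistp521\ * | ssh-rsa\ * | ssh-dss\ *) ;;
    *)
      die 'No supported key type ("ssh-ed25519", "ecdsa-sha2-nistp*", "ssh-rsa" or "ssh-dss") found at the start of the key.'
      ;;
  esac

  # -p: a second key update must not fail because .ssh already exists.
  mkdir -p -- "$sshdir" || die "Cannot create $sshdir."
  chmod 700 -- "$sshdir" || die "Cannot set permissions on $sshdir."

  # .ssh is owned by the SFTP user, so root must not open a path inside it
  # for writing: whatever sits at .ssh/authorized_keys (for instance a
  # symlink) would be followed. Build the file in the root-owned home
  # directory and rename it into place; rename replaces the directory entry
  # itself, and -T refuses to move "into" a directory of that name.
  # (Assumes the home and .ssh are on the same filesystem -- they are created
  # together by this script.)
  tmpfile=$(mktemp "$userhome/.authorized_keys.XXXXXX") ||
    die "Cannot create a temporary file in $userhome."
  if ! {
    printf '%s\n' "$sshkey" >"$tmpfile" &&
      chmod 600 -- "$tmpfile" &&
      mv -fT -- "$tmpfile" "$sshdir/authorized_keys"
  }; then
    rm -f -- "$tmpfile"
    die "Cannot install the key for user $username."
  fi

  # -h: change the ownership of symlinks themselves, never of their targets.
  chown -hR -- "$username:$groupname" "$sshdir"
}

if [ $# != 2 ]; then
  print_help
fi

check_username_valid
check_root
check_usergroup
check_homedir

case "$1" in
  create)
    check_username_exist
    # Report success only if every step worked; the original looked at the
    # status of the last chown alone, so a failed useradd went unnoticed.
    if useradd -m -d "$homedir/$username" -g "$groupname" -s "$loginshell" \
      -c "$username sftp" "$username" &&
      chmod 755 -- "$homedir/$username" &&
      chown root:root -- "$homedir/$username"; then
      echo "User $username was created."
    else
      die "User $username was not created correctly."
    fi
    ;;

  disable)
    check_username_notexist
    # Run every step even if one fails, so a password-lock error does not
    # leave the key active, and claim success only when all of them worked.
    # Sessions that are already open are not terminated by any of this.
    status=0
    passwd -l "$username" || status=1
    touch -- "$homedir/$username/sftpuser.locked" || status=1
    authfile=$homedir/$username/.ssh/authorized_keys
    if [ -e "$authfile" ]; then
      mv -fT -- "$authfile" "$authfile.disabled" || status=1
    fi
    if [ "$status" -eq 0 ]; then
      echo "User $username was disabled."
    else
      die "User $username was NOT fully disabled; check the errors above."
    fi
    ;;

  enable)
    check_username_notexist
    # passwd -u can refuse accounts that never had a password (key-only
    # users); that must not stop the key from being restored.
    passwd -u "$username" ||
      echo "Warning: password of user $username could not be unlocked." >&2
    status=0
    rm -f -- "$homedir/$username/sftpuser.locked" || status=1
    authfile=$homedir/$username/.ssh/authorized_keys
    if [ -e "$authfile.disabled" ]; then
      mv -fT -- "$authfile.disabled" "$authfile" || status=1
    fi
    if [ "$status" -eq 0 ]; then
      echo "User $username was enabled."
    else
      die "User $username was NOT fully enabled; check the errors above."
    fi
    ;;

  delete)
    check_username_notexist
    echo -n "Delete all the data and account of user $username? [yes|no] "
    read -r yesorno
    if [ "$yesorno" = "yes" ]; then
      # -r removes the home directory, -f forces removal.
      if userdel -rf "$username"; then
        echo "User $username was deleted."
      else
        die "User $username was not deleted."
      fi
    fi
    ;;

  passwd)
    check_username_notexist
    check_user_disabled
    passwd "$username"
    ;;

  sshkey)
    check_username_notexist
    check_user_disabled
    if update_sshkey; then
      echo "The sshkey of user $username was updated."
    else
      die "The sshkey of user $username was not updated correctly."
    fi
    ;;

  *)
    print_help
    ;;
esac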