blob: 4211766c38de9aa9a09950b97490b3ec2fb6f4fc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
#!/bin/sh -e
# vagrant base box preparation script.
# Some safeguards
if grep -q "^avagrant:" /etc/passwd ; then
echo "vagrant user has already been created."
exit
fi
if test -f /root/.ssh/authorized_keys; then
echo "root already has /root/.ssh/authorized_keys, refusing to overwrite it."
exit
fi
# Create vagrant user and give them the key.
echo "Creating user vagrant"
useradd -m vagrant
mkdir -p /home/vagrant/.ssh
echo "Adding Vagrant authorized key for user vagrant"
cp /etc/vagrant/vagrant.pub /home/vagrant/.ssh/authorized_keys
chown -R vagrant:users /home/vagrant
chmod 0700 /home/vagrant/.ssh
chmod 0600 /home/vagrant/.ssh/authorized_keys
# Add the key to root as well.
echo "Adding vagrant authorized key for user root"
mkdir -p /root/.ssh
cp /etc/vagrant/vagrant.pub /root/.ssh/authorized_keys
chmod 0700 /root/.ssh
chmod 0600 /root/.ssh/authorized_keys
echo "Adding vagrant to /etc/sudoers"
echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
echo "Adding 'UseDNS no' to /etc/ssh/sshd_config"
echo "UseDNS no" >> /etc/ssh/sshd_config
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
echo
echo "THIS SYSTEM IS NOW INSECURE, AND ACCESSIBLE TO ANYONE WITH THE VAGRANT PRIVATE KEY"
echo "FROM https://github.com/hashicorp/vagrant/blob/master/keys/vagrant"
|
