Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


create account ssh from the website
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

create account ssh from the website

greetings all,

inging I ask, how do I make ssh account from the website?
vps connects us to the website so that visitors can make ssh account on the form provided, thank you

Comments

  • perennateperennate Member, Host Rep
    edited February 2014
    <?php
    exec("adduser -batch username group 'Name' password");
    ?>

    But really you should use some kind of account management API. Why do you need to create shell accounts anyway?

    Edit: actually adduser -batch doesn't seem to exist; maybe just useradd -G group username then? not sure how to specify password

  • @perennate said:

    <?php
    > exec("adduser -batch username group 'Name' password");
    
    > ?>

    But really you should use some kind of account management API. Why do you need to create shell accounts anyway?

    I mean so that visitors can make their own account ssh to my vps server
    illustration http://prntscr.com/2wde5l

  • perennateperennate Member, Host Rep

    Well, you could accomplish it by having the website add the stuff to a MySQL database, then have cron job come along and check for new users and add them using adduser or something similar.

  • spectraspectra Member
    edited February 2014

    @perennate said:
    Well, you could accomplish it by having the website add the stuff to a MySQL database, then have cron job come along and check for new users and add them using adduser or something similar.

    is there a guide that can steer me?
    eg links to tutorials to make it from scratch?
    I really need this for my school assignment

  • perennateperennate Member, Host Rep
    edited February 2014

    I mean, if it's just a school assignment you can just do

    <?php
    $username = $_POST['username'];
    $password = $_POST['password'];
    safe_exec('sudo', array('adduser', '--disabled-password', '--gecos', '', $username));
    safe_exec('sudo', array('echo', "$username:$password", '|', 'chpasswd'));
    
    function safe_exec($command, $array) {
      $str = $command;
      foreach($array as $el) $str .= ' ' . escapeshellarg($el);
      exec($str);
    }
    ?>
    

    And add this to /etc/sudoers via visudo so that your web server user has passwordless access to sudo:

    www-data ALL=(ALL) NOPASSWD: ALL
    

    And add some sanity checking to make sure username is valid format.

  • @perennate said:
    I mean, if it's just a school assignment you can just do

    > <?php
    > $username = $_POST['username'];
    > $password = $_POST['password'];
    > safe_exec('sudo', array('adduser', '--disabled-password', '--gecos', '', $username));
    > safe_exec('sudo', array('echo', "$username:$password", '|', 'chpasswd'));
    > 
    > function safe_exec($command, $array) {
    >   $str = $command;
    >   foreach($array as $el) $str .= ' ' . escapeshellarg($el);
    >   exec($str);
    > }
    > ?>
    > 

    And add this to /etc/sudoers via visudo so that your web server user has passwordless access to sudo:

    > www-data ALL=(ALL) NOPASSWD: ALL
    > 

    And add some sanity checking to make sure username is valid format.

    This fact will be published as well.

    suppose there is a visitor goes to my website, and fill out the form to create an account ssh, then the ssh account immediately and automatically be connected to the VPS

  • Why do you want to do this? Sounds like a recipe for disaster.

    Thanked by 1Infinity
  • perennateperennate Member, Host Rep

    nunim said: Why do you want to do this? Sounds like a recipe for disaster.

    +1. but he said something about school project

  • perennate said: www-data ALL=(ALL) NOPASSWD: ALL

    Surely you'd be better off limiting www-data's sudo access to only one command? (useradd)

  • perennateperennate Member, Host Rep

    LukeT said: Surely you'd be better off limiting www-data's sudo access to only one command? (useradd)

    You'd be better off not creating a web interface for people to create shell accounts on your server.

  • perennate said: +1. but he said something about school project

    Ah, isn't this something he should figure out on his own then? People here have already given you most of it.

Sign In or Register to comment.