Solved: Creating users via kickstart

JDLangdon · ‎04-28-2008

Does anyone know how to configure a kickstart script to automatically create users with SSH access upon first boot?

Jason

Yattong · ‎04-29-2008

I also use the

"In the %post section of your script add:

useradd -p 'password' username" as posted above. I use the -G and -c option but these are just niceties.

Adding the user via %post enabled ssh access automatically for me.

Only thing I can see that hasnt been mentioned is that the password needs to be encrypted. In which you can find on this thread I posted a while ago.

http://communities.vmware.com/message/812568

Good Luck

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points ~y

View solution in original post

sbeaver · ‎04-28-2008

From the %post command you can use the "useradd" command to add users. Type "man useraddd" or google user add to see all the syntax

Steve Beaver

VMware Communities User Moderator

*Virtualization is a journey, not a project.*

Steve Beaver
VMware Communities User Moderator
VMware vExpert 2009 - 2020
VMware NSX vExpert - 2019 - 2020
====
Co-Author of "VMware ESX Essentials in the Virtual Data Center"
(ISBN:1420070274) from Auerbach
Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/]
Come follow me on twitter http://www.twitter.com/sbeaver

**The Cloud is a journey, not a project.**

espi3030 · ‎04-28-2008

In the %post section of your script add:

useradd -p 'password' username

If your password has special characters you'll want to enclose it in the sinlge 'quotes'.

astrolab · ‎04-28-2008

I enable SSH by adding the folowing statement in the %post section:

Enable SSH Connection through root.

cat > /etc/ssh/sshd_config << SSH

Protocol 2

SyslogFacility AUTH

LogLevel VERBOSE

PermitRootLogin yes

Subsystem sftp /usr/libexec/openssh/sftp-server

Ciphers aes256-cbc,aes128-cbc

SSH

Basically it strips all the commented-out content and replaces it with the text between the SSH entries.

RobMokkink · ‎04-28-2008

On the deployment server i have a script that enumerates a particular security group and it writes the samaccountname to a textfile. The file that existed before is moved and renamed.

On the esx server i enable ad authentication, during the installation i open port 80, it then uses lwp-download to get the files and creates all the users and make them a member of a specific security group, who can use su. During the installation i also place a script and a cronjob that will do a diff between the new file and the old file, and will add or delete users on the esx servers.

This way i can control the users who have access to the service console directly.

Yattong · ‎04-29-2008

I also use the

"In the %post section of your script add:

useradd -p 'password' username" as posted above. I use the -G and -c option but these are just niceties.

Adding the user via %post enabled ssh access automatically for me.

Only thing I can see that hasnt been mentioned is that the password needs to be encrypted. In which you can find on this thread I posted a while ago.

http://communities.vmware.com/message/812568

Good Luck

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points ~y

vilmann · ‎04-29-2008

Does anyone know how to configure a kickstart script to automatically create users with SSH access upon first boot?

All users have ssh access by default.

And there's no need for messing with %post.

Just add a line to your kickstart file:

#Initial user

user kvi --fullname "Kristian Vilmann" --iscrypted --password $1$ujKO0Ghv$dWLfVk9BD0KgTN1fGGv/90

/kristian

henketh · ‎04-14-2009

Hi vilmann!

#Initial user

user kvi --fullname "Kristian Vilmann" --iscrypted --password $1$ujKO0Ghv$dWLfVk9BD0KgTN1fGGv/90

I haven't had the time to try this yet, but it seems very nice! Is there any particular place in the kickstart script where this command must be placed?

I have as many others tried to use adduser in the %post section of my kickstart script to create an additional user with shell access:

#Add user "admin"

/usr/sbin/adduser admin -p '$1$5a17$ZrK5qinSgRKZz1uNz7kXO1' -u 500 -s /bin/bash

But this doesn't work, it creates the user but I can't login. What is wrong with this command? It works when I use the command manually at the command line, but not in my kickstart script?

Another question: why are there two similar commands, adduser and useradd? They seem to do exactly the same?

Final question: What does the switch -l do?

Example: adduser -l admin -p '$1$5a17$ZrK5qinSgRKZz1uNz7kXO1' -u 500 -s /bin/bash)

henketh · ‎04-14-2009

Hi again!

Well that didn't work at all..

I inserted the lines below in my kickstart file after the installation settings (skipx, mouse, rootpw and so on)

# Add user admin

user admin --iscrypted --password $1$K4Cq./$XqDpathBB67m5lV57XOGn1

the result was:

SyntaxError: Unknown Command: 'user'

you may safely reboot your system

Back to fiddling with the %post and useradd I guess..