On 6/4/2014 16:05, Roger Vicker, CCP wrote:
3) deliver the private key to the user along with the rest of the
instructions on how to use it in the provided apps.
How were you planning on delivering these sensitive private keys? Via
insecure email, perhaps?
Use ssh as it was designed: have the users generate their own local
keypairs, and have them email the public key to you. The words we use
here mean something. The *public* key goes out over the public link,
and the *private* key stays at home.
It's not like the commands are difficult. They set up a local Cygwin,
add the openssh package, then say:
$ ssh-keygen
...press Enter a bunch of times...
$ cat ~/.ssh/id_rsa.pub > /dev/clipboard
...compose email to rvicker, paste
With out their passwords I can't login to establish their $home
directory structure,
Take a look at /etc/profile, starting at line 75. See the stuff about
/etc/skel? That's how the user's home directory gets set up. Nothing
magic here. You could cut those couple-dozen lines into a new script
and tweak it for your purposes.
The only trick is that if you do all this as administrator, you'll have
to say something like
# chown -R otheruser.otheruser ~otheruser
after you get done setting up the user's home directory.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
