The Bash script presented here automates the process of user creation on a Linux system. By prompting the administrator for a username and password, it checks for empty inputs and pre-existing users, then securely creates a new user account.
Script to add a user with password
Let me first show what the output of the script looks like:
$ ./add_user_script.sh
Enter the username: myuser
Enter the password:
'myuser' added successfully

$ ./add_user_script.sh
Enter the username: myuser
Enter the password:
'myuser' already exists. please use different user

The above output shows the script prompted for username and password and successfully created the user account. When you run the script a second time, it detects that myuser already exists and hence informs you to use a different username.
Script
#!/bin/bash
#
# Script to add a user

# Function to read password securely
read_password()
{
    # Disable echo.
    stty -echo

    # Set up trap to ensure echo is enabled before exiting if the script
    # is terminated while echo is disabled.
    trap 'stty echo' EXIT

    # Read password (-r keeps backslashes in the password literal).
    read -r "$@"

    # Enable echo.
    stty echo
    trap - EXIT

    # Print a newline because the newline entered by the user after
    # entering the passcode is not echoed. This ensures that the
    # next line of output begins at a new line.
    echo
}

echo -n "Enter the username: "
read username
STATUS=0

if [ -z "${username}" ] ; then
    echo "Username is not entered" >&2
    STATUS=1
    exit $STATUS
fi

# Check if username already exists
getent passwd "${username}" > /dev/null
STATUS=$?
if [ "${STATUS}" -eq 0 ] ; then
    echo "$username already exists. Please use a different user" >&2
    exit 1
fi

echo -n "Enter the password: "
read_password password

# Validate password input
if [ -z "${password}" ] ; then
    echo "Password is not entered" >&2
    STATUS=1
    exit $STATUS
else
    # Create user with hashed password (quoted so spaces and
    # wildcard characters in the input are passed through unchanged)
    useradd "$username" -p "$(openssl passwd -6 "$password")"
    STATUS=$?
    if [ "${STATUS}" -eq 0 ] ; then
        echo "'$username' added successfully"
    else
        echo "Failed to create user '$username'" >&2
        STATUS=1
    fi
fi

# Exit from script
exit $STATUS
In the script:
The script reads the username and password from the user. It defines a function called read_password which reads a password from the user while disabling the terminal echo to keep the password hidden.
echo -n "Enter the username: "
read username
echo -n "Enter the password: "
read_password password
It uses the getent command to check if the username already exists. If it does, the script prints an error message and exits with a status of 1.
if [ -z "${username}" ] ; then
    echo "Username is not entered" >&2
    STATUS=1
    exit $STATUS
fi

getent passwd "${username}" > /dev/null
STATUS=$?
if [ "${STATUS}" -eq 0 ] ; then
    echo "$username already exists. Please use a different user" >&2
    exit 1
fi
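The script uses openssl passwd -6 to hash the password (SHA-512 crypt) and useradd -p to create the user with the hashed password. Both the plaintext given to openssl and the hash given to useradd -p are command-line arguments, so other local users can see them in the process list while those commands run.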
useradd "$username" -p "$(openssl passwd -6 "$password")"
Bypass password prompts
To ensure that commands run without interactive password prompts, you can use the following:
Using chpasswd:
$ useradd -m "<username>"
$ echo "<username>:<password>" | chpasswd
Using echo and passwd:
$ useradd -m "<username>"
$ echo -e "<password>\n<password>" | passwd "<username>"
Remember that here we are placing the password in the script itself, which is a security risk.
The following script adds a user without interactive password prompts, using a default password.
#!/bin/bash
# Script to add user

# Default password for new users
default_password="mypasswd@123"

# Prompt for username
echo -n "Enter the username: "
read username
STATUS=0

# Check if username is empty
if [ -z "${username}" ] ; then
    echo "Username is not entered" >&2
    STATUS=1
    exit $STATUS
fi

# Check if user already exists
getent passwd "${username}" > /dev/null
STATUS=$?
if [ "${STATUS}" -eq 0 ] ; then
    echo "$username already exists. Please use a different user" >&2
    exit 1
fi

# Create user
useradd -m "${username}" > /dev/null
STATUS=$?
if [ "${STATUS}" -eq 0 ] ; then
    # Set the default password for the user and keep chpasswd's
    # exit status, so a failed password change is not reported as success
    echo "${username}:${default_password}" | chpasswd &> /dev/null
    STATUS=$?
fi

if [ "${STATUS}" -eq 0 ] ; then
    echo "'$username' added successfully"
else
    echo "Failed to create user '$username'" >&2
    STATUS=1
fi

# Exit from script
exit $STATUS
Running the script:
$ ./add_user_bypass_script.sh
Enter the username: testuser
'testuser' added successfully
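A variant of the non-interactive script that avoids the hardcoded default password, as an added example that is not part of the original article: it generates a random one-time password, passes it to chpasswd over stdin, and expires it with chage -d 0 so the user must pick a new one at first login. The username pattern, the function names and the script name add_user_random.sh are assumptions made for this example.

```bash
#!/bin/bash
# Added example (not the article's script): create a user with a random,
# one-time password instead of a password stored in the script.
export LC_ALL=C   # make the [a-z] ranges below mean ASCII only

# Assumed policy: first character a lowercase letter or underscore, then
# lowercase letters, digits, underscore or hyphen, 32 characters at most.
valid_username() {
    case "$1" in
        '' | [!a-z_]* | *[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# 16 bytes from the kernel CSPRNG, printed as 32 hex characters.
gen_password() {
    od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

create_user() {
    user=$1
    if ! valid_username "$user"; then
        echo "Invalid username" >&2
        return 1
    fi
    if getent passwd "$user" > /dev/null; then
        echo "$user already exists. Please use a different user" >&2
        return 1
    fi
    pw=$(gen_password)
    [ "${#pw}" -eq 32 ] || { echo "Could not generate a password" >&2; return 1; }
    useradd -m "$user" || return 1
    # printf is a shell builtin: the password goes down the pipe and never
    # appears in any process's argument list.
    printf '%s:%s\n' "$user" "$pw" | chpasswd || return 1
    # Expire the password so the user must choose a new one at first login.
    chage -d 0 "$user" || return 1
    echo "'$user' added successfully. One-time password: $pw"
}

# Runs only when a username is given: ./add_user_random.sh <username> (as root)
if [ "$#" -ge 1 ]; then
    create_user "$1"
fi
```

The one-time password is printed to the terminal once, so hand it to the user over a separate channel and keep it out of shell logs.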