From e175d088aa2c88253c0234dd50150eff87f08a08 Mon Sep 17 00:00:00 2001
From: Emil Lerch
Date: Tue, 16 Jul 2019 10:55:52 -0700
Subject: [PATCH] restrict install to a single user
---
 get_authorized_keys | 3 +++
 makeitso | 10 ++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/get_authorized_keys b/get_authorized_keys
index a05d106..d3d68b1 100755
--- a/get_authorized_keys
+++ b/get_authorized_keys
@@ -1,5 +1,8 @@
 #!/bin/sh
+# NOTE: %1 is the user being authorized. However, we'll make this only for
+# the primary user
+
 # Accomodate for local install
 PATH=$HOME/.local/bin:$PATH
diff --git a/makeitso b/makeitso
index 81e55a1..7ada939 100755
--- a/makeitso
+++ b/makeitso
@@ -1,9 +1,15 @@
 #!/bin/sh
+if [ $# -ne 1 ]; then
+ echo 'usage: makeitso ' >&2
+ exit 1
+fi
+
 sudo adduser --disabled-login --gecos 'User for AuthorizedKeysCommand' authorizedkeysuser
-sudo sh -c "echo 'AuthorizedKeysCommand /etc/ssh/get_authorized_keys
-AuthorizedKeysCommandUser authorizedkeysuser' >> /etc/ssh/sshd_config"
+sudo sh -c "echo 'Match User $1
+ AuthorizedKeysCommand /etc/ssh/get_authorized_keys
+ AuthorizedKeysCommandUser authorizedkeysuser' >> /etc/ssh/sshd_config"
 sudo cp authorized_keys /etc/ssh
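Review bot: The comment added at the top of get_authorized_keys names the argument `%1`, but in a /bin/sh script the first positional parameter is `$1`. Going by the comment's wording, the script still does not check that argument, so the single-user restriction rests entirely on the `Match User` block that makeitso writes into sshd_config. A guard such as `[ "$1" = "$ALLOWED_USER" ] || exit 1` would stop the script returning keys for other accounts if the directive is ever set globally again; `ALLOWED_USER` is a placeholder for however the primary user is configured. The rest of the script lies outside the hunk, so the missing check is inferred rather than seen.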
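Review bot: In makeitso the new `Match User $1` line expands the script argument inside the double-quoted string handed to `sudo sh -c`, so the value is neither checked nor kept out of the root shell's command text: a quote ends the `echo` string early, and a comma, space or wildcard turns the single-user match into a wider pattern. Validate the argument as a plain, existing account name before using it, and write the block without re-parsing it through `sh -c`, as sketched below. Because a `Match` block runs to the next `Match` or the end of the file, anything appended to sshd_config later falls inside it, and rerunning the script appends the block again; running `sshd -t` after the edit catches a broken config before sshd is reloaded. Any restart step lies outside the visible hunk.

```shell
# … unchanged: argument-count check and usage message …

# Accept only a plain account name that exists on this host.
case "$1" in
  '' | -* | *[!A-Za-z0-9._-]*)
    echo 'makeitso: invalid user name' >&2
    exit 1
    ;;
esac
id -u -- "$1" >/dev/null 2>&1 || {
  echo 'makeitso: no such user' >&2
  exit 1
}

# … unchanged: adduser …

# The here-document is expanded by the calling shell; the validated name
# reaches tee as data and is never re-parsed by a root shell.
sudo tee -a /etc/ssh/sshd_config >/dev/null <<EOF
Match User $1
  AuthorizedKeysCommand /etc/ssh/get_authorized_keys
  AuthorizedKeysCommandUser authorizedkeysuser
EOF

# Refuse to continue with a config sshd cannot parse.
sudo sshd -t || {
  echo 'makeitso: sshd_config failed validation' >&2
  exit 1
}
```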