#!/bin/sh

if [ $# -ne 1 ]; then
  echo 'usage: makeitso <primaryusername>' >&2
  exit 1
fi

if [ ! -d /home/authorizedkeysuser ]; then
  #sudo adduser --disabled-login --gecos 'User for AuthorizedKeysCommand' authorizedkeysuser ||
  sudo useradd -c 'User for AuthorizedKeysCommand' -d /home/authorizedkeysuser -m -s/usr/sbin/nologin authorizedkeysuser
fi

grep -qF 'AuthorizedKeysCommand /etc/ssh/get_authorized_keys' /etc/ssh/sshd_config || \
sudo sh -c "echo 'Match User $1
  AuthorizedKeysCommand /etc/ssh/get_authorized_keys
  AuthorizedKeysCommandUser authorizedkeysuser' >> /etc/ssh/sshd_config"

sudo cp get_authorized_keys /etc/ssh

sudo chmod 755 /etc/ssh/get_authorized_keys

sudo systemctl restart sshd