#!/bin/bashusers_home_front_dir="/data/users/"ssh_user=$1user_group=$2server_user_path=$users_home_front_dir/$user_groupif [ $# -ne 2 ];then	echo "usage: ./$0 
      
      
       "        echo "Example: ./$0  test_user  wwwad"        exit 1fiif [ ! -d "$users_home_front_dir" ] ; then	echo "users_home_front_dir directory="$users_home_front_dir not exists, exit now!	exit 1fifunction doing() { useradd "$user_group" -d "$server_user_path" if [ ! -f "$ssh_user"*.pub ] ; then ssh-keygen -t rsa -b 2048 -C "$ssh_user" -f "$ssh_user".pem fi mkdir -p "$server_user_path"/.ssh cat ./"$ssh_user".pem.pub >> "$server_user_path"/.ssh/authorized_keys chown -R "$user_group"."$user_group" "$server_user_path"/.ssh/ chmod 600 "$server_user_path"/.ssh/authorized_keys}function checking() { check_server_user=`cat /etc/passwd|grep $user_group|grep $server_user_path` echo "check_server_user="$check_server_user echo "server-user="$user_group if [[ "$check_server_user" =~ "$user_group" ]] ; then echo "server-user:$user_group" created successfully or already created ! else  echo "server-user:$user_group" created failed ! exit 1 fi check_ssh_user=`cat "$server_user_path"/.ssh/authorized_keys |grep $ssh_user` echo "check_ssh_user="$check_ssh_user echo "ssh-user="$ssh_user if [[ "$check_ssh_user" =~ "$ssh_user" ]] ; then echo "ssh-user:$ssh_user created successfully !" else echo "ssh-user:$ssh_user created failed !" exit 1 fi}doingcheckingsudo chown -R sa.sa  "$ssh_user".pem*名词解释ssh_user  	需要创建的系统用户user_group  用户所属组，多个系统用户属于一个组。比如sa组具有sudo权限。wwwad组sudo的话是需要输入密码的。				具体的权限控制的sudoer文件里这里默认的公钥私钥都是在/home/$ssh_user/.ssh 下面。这里为了安全，我们创建系统用户的时候重新制定其家目录server_user_path=$users_home_front_dir/$user_group加入现在有test1,test2用户都属于一个wwwad的组的话，这里我们可以再客户端设置登录的时候。我们以test1,test2,wwwad 的任何一个用户登录都可以到时候我们把用户的pem文件发送给开发即可