aws-ec2-ssh

Make sure AuthorizedKeysCommandUser exists before setting it

Open artburkart opened this issue 7 years ago • 4 comments

Thanks for making this unique, easy-to-use solution to a very common problem.

The default behavior was to drop the AuthorizedKeysCommandUser value into the codebase regardless of whether it was supported by the installed version of openssh-server. The reason I wanted to add this snippet was because I noticed sshd is restarted even if the config is invalid. This would only be relevant where the openssh-server version is < 6.1. I know this would only be the case on old servers, but it's a simple way to protect users exploring your tooling.

If you have any suggestions for revision, I'm all ears. :)

artburkart avatar Jun 22 '18 14:06 artburkart

I added two notes and I can remember that one of the supported distributions did not have the config values and that's why they are added if not found. I can figure this out by running the test suite once I have your feedback on my comments.

michaelwittig avatar Jun 26 '18 11:06 michaelwittig

@michaelwittig thank you for reviewing my code :)

artburkart avatar Jun 26 '18 13:06 artburkart

https://github.com/widdix/aws-ec2-ssh/pull/131#discussion_r198110098

Today I learned. I was executing the install.sh script with bash install.sh, but this has the side-effect of removing the -e from all subshells. Check it out:

Subshells spawned to execute command substitutions inherit the value of the -e option from the parent shell. When not in POSIX mode, Bash clears the -e option in such subshells. https://www.gnu.org/software/bash/manual/bashref.html#Bash-POSIX-Mode

I was effectively removing the -e argument when I was executing it, which is why I was getting unexpected behavior. I definitely need to change my code back to what you had, but I am left with the question of whether it would make sense to use set -x on its own line instead of bash -x in the shebang? I pushed up a new commit. I look forward to your feedback. 😄

artburkart avatar Jun 27 '18 15:06 artburkart
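
The two behaviours discussed in the comment above, as an added example that is not part of the thread or the project's code: a shebang's -e is not applied when a script is started as `bash script`, and non-POSIX Bash clears -e inside command substitutions. The script body is a constructed stand-in for install.sh, the function names are hypothetical, and bash is assumed to be installed at /bin/bash and on PATH.

```shell
# Constructed stand-in for an install script whose shebang requests errexit (-e).
make_demo() {
  demo=$(mktemp) || return 1
  cat > "$demo" <<'EOF'
#!/bin/bash -e
false                    # a failing step, e.g. a config validity check
echo "reached restart"   # must not run when errexit is active
EOF
  chmod +x "$demo"
  printf '%s\n' "$demo"
}

# Executed directly: the kernel passes -e from the shebang to bash,
# so the script stops at the failing step.
run_via_shebang() { "$1"; }

# Started as "bash script": the shebang is only a comment to this bash,
# so -e is never set and the script carries on after the failure.
run_via_bash() { bash "$1"; }

# Non-POSIX bash clears -e inside $(...): the echo after "false" still runs
# and the substitution reports success to the parent shell.
substitution_default() {
  bash -e -c 'out=$(false; echo continued); echo "$out"'
}

# In POSIX mode the substitution subshell inherits -e and stops at "false";
# the failed assignment then ends the parent shell as well.
substitution_posix() {
  bash --posix -e -c 'out=$(false; echo continued); echo "$out"'
}

# Stand-alone run: print what each invocation lets through.
demo=$(make_demo)
printf 'via shebang: [%s]\n' "$(run_via_shebang "$demo")"
printf 'via bash:    [%s]\n' "$(run_via_bash "$demo")"
printf 'default $(): [%s]\n' "$(substitution_default)"
printf 'posix $():   [%s]\n' "$(substitution_posix)"
rm -f "$demo"
```

An empty pair of brackets means the script stopped at the failing step; any text inside them means execution continued past it.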

We are using this code on CentOS 6 and 7 boxes now :)

artburkart avatar Jul 06 '18 17:07 artburkart