diff --git a/scripts/jumpserver_cron.sh b/scripts/jumpserver_cron.sh
new file mode 100755
index 0000000..3d50534
--- /dev/null
+++ b/scripts/jumpserver_cron.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+set -ex
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+
+tmp_path="/tmp/authorized_keys"
+dest_path="/home/ssh/.ssh/authorized_keys"
+echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
+
+for file in $(find "$THIS_DIR/../authorized_keys" -type f); do
+    (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
+done
+
+cat "$tmp_path" > "$dest_path"
+rm "$tmp_path"
+chown ssh:ssh "$dest_path"
+chmod 600 "$dest_path"
diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh
index 3d50534..420a06f 100755
--- a/scripts/jumpserver_deploy.sh
+++ b/scripts/jumpserver_deploy.sh
@@ -2,15 +2,19 @@
 set -ex
 THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
 
-tmp_path="/tmp/authorized_keys"
-dest_path="/home/ssh/.ssh/authorized_keys"
-echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
+adduser \
+   --disabled-password \
+   --home /home/ssh \
+   ssh
 
-for file in $(find "$THIS_DIR/../authorized_keys" -type f); do
-    (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
-done
+insert_if_not_exist()
+{
+    filename=$1
+    line=$2
+    if [ ! -f "$filename" ]; then
+        touch $filename
+    fi
+    grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename"
+}
 
-cat "$tmp_path" > "$dest_path"
-rm "$tmp_path"
-chown ssh:ssh "$dest_path"
-chmod 600 "$dest_path"
+insert_if_not_exist "/etc/crontab" "*/5 0 0 0 0 cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh"
diff --git a/scripts/testbed_deploy.sh b/scripts/testbed_cron.sh
similarity index 100%
rename from scripts/testbed_deploy.sh
rename to scripts/testbed_cron.sh