Copy ssh keys between users Rocky linux 8

Hi,

I usually use the generic commands to accomplish such tasks. They works well across different Linux distros.

So, you have ssh’d your droplet as root, and created your new user, let’s call it newuser.

Firstly, let’s find out what newuser’s home directory is.

cat /etc/passwd | grep newuser

Output
newuser:x:1000:1000::/home/newuser:/bin/bash

It should be a subdirectory of /home directory, as above, with a name of your newly created user (newuser in our example), unless you changed your system environment or explicitely specified different home directory creating your newuser.

Now, we are going to create .ssh directory to store your ssh public key. Note --parents parameter of mkdir command. Thanks to it mkdir creates full path specified with the command. If, for some reasons, your newuser’s home directory has not been created yet, mkdir --parents will create it with its .ssh subdirectory at once.

mkdir --parents --verbose /home/newuser/.ssh

Output
mkdir: created directory '/home/newuser/.ssh'

Let’s copy ssh public key now. It is stored in /root/.ssh/authorized_keys file. This file may contain many different ssh public keys. In such case, you would have to extract the one you would be interested in. But, in our case, you have just one public key in this file, so you can straight copy a whole file.

cp --verbose /root/.ssh/authorized_keys /home/newuser/.ssh/

Output
'/root/.ssh/authorized_keys' -> '/home/newuser/.ssh/authorized_keys'

It almost done. Just one thing more. Note that we have done all the operations as a root, so both .ssh directory and authorized_keys file are owned by root. Our newuser must own them then. To do that accurately we need to find out what newuser’s initial login group ID is. At the beginning of this post we revealed what newuser’s home directory is. We can find out what newuser’s initial login group ID is from the same given output.

newuser:x:1000:1000::/home/newuser:/bin/bash

The first number is a user ID, the second one is its initial login group ID. Having all the needed info, we are going to (re)assign an owner for newuser’s home directory and all its content, including subdirectories and their content (thanks to --recursive parameter).

Warning !!!
Be very careful using chown command as a root. 
You can cause a serious OS malfunction by mistake, when you specify the path 
incorrectly.

chown --recursive --verbose newuser:1000 /home/newuser

Output
ownership of '/home/newuser/.bash_logout' retained as newuser:newuser
ownership of '/home/newuser/.bash_profile' retained as newuser:newuser
ownership of '/home/newuser/.bashrc' retained as newuser:newuser
ownership of '/home/newuser/.cloud-locale-test.skip' retained as newuser:newuser
changed ownership of '/home/newuser/.ssh/authorized_keys' from root:root to newuser:1000
changed ownership of '/home/newuser/.ssh' from root:root to newuser:1000
ownership of '/home/newuser' retained as newuser:newuser

Job done :-) I hope it helps.

If you’re using Rocky Linux 8 (which is binary-compatible with RHEL 8), the process to copy SSH keys between users is quite similar to what you’ve done with Ubuntu.

Here’s how you can copy the SSH keys from the root user to a new user (let’s call the new user newuser):

First, ensure the new user’s home directory has a .ssh directory:

mkdir /home/newuser/.ssh
chmod 700 /home/newuser/.ssh

Then use rsync or cp to copy the SSH keys:

rsync --archive --chown=newuser:newuser ~/.ssh/authorized_keys /home/newuser/.ssh/

Ensure the permissions on the copied authorized_keys file are correct:

chmod 600 /home/newuser/.ssh/authorized_keys

Once done, you can test SSH access for the new user using the same key you use for root (assuming that was your intention).

However, please be cautious about what you’re doing. Giving another user the ability to log in with the same key as the root user can introduce security risks. Always ensure you understand the security implications of your actions.