Question

How to log in as non root user via SSH?

I just created my first Ubuntu droplet and supplied my public SSH key which is contained in ~/.ssh/id_rsa.pub on my local machine at the time I was creating my droplet. I can SSH into my machine as root just fine via the command ssh root@remote_host where remote_host is my droplet’s IP address as given in the console. However, I would like to prohibit root logon to my droplet.

I created a new user by executing the commands adduser newusername followed by gpasswd -a newusername sudo to give the new user elevated privileges. I then manually copied over the contents of my public SSH key (from my local machine) following these instructions over to newusername.

$ mkdir .ssh
$ chmod 700 .ssh
$ cd .ssh
$ vim authorized_keys

I then pasted in the public key and saved the file

$ chmod 600 authorized_keys
$ exit
# service ssh restart

When I tried to SSH in from my local machine using the command ssh newusername@remote_host, I get the message Permission denied (publickey). I even went back into the droplet and added the line AllowUsers newusername to the /etc/ssh/sshd_config file but keep getting the same error.

UPDATE: I also tried running the following commands on my local machine, which is also running Ubuntu, but this did not work either:

$ eval `ssh-agent -s`
$ ssh-add ~/.ssh/id_rsa
Show comments
Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

spython01June 1, 2017
Accepted Answer

I finally ended up solving this issue by following these directions from another thread.

SysNasriDecember 7, 2017

I fixed the problem by putting my root public key to user’s .ssh/authorized_keys file. now I can login from my machine with root username to remote machine with myuser account.

issue this command by root

ssh -p ‘ssh port’ myuser@remoteip

Jonathan TittleMay 26, 2017

@spython01

The users home directory needs to be owned by the user in question, as does the .ssh directory and the authorized_keys file.

For example, a slightly different way of doing it that I use.

Create Directories and Files

mkdir -p /home/myuser/.ssh

touch /home/myuser/.ssh/authorized_keys

Add The New User

useradd -d /home/myuser myuser

Add User to sudo Group

usermod -aG sudo myuser

Set Proper Permissions

chown myuser:myuser /home/myuser/.ssh

chown myuser:myuser /home/myuser/.ssh/authorized_keys

chmod 700 /home/myuser/.ssh

chmod 600 /home/myuser/.ssh/authorized_keys

Setup SSH Keys for myuser

echo "ssh-rsa ...." >> /home/myuser/.ssh/authorized_keys

Setup a Password for myuser

passwd myuser

That way you can escalate using sudo .....

Login

ssh myuser@droplet_ip -i myuser

Where myuser is the user we just created and setup, and -i myuser tells SSH to use the key that I have locally on my MacBook.