I just created my first Ubuntu droplet and supplied my public SSH key which is contained in ~/.ssh/id_rsa.pub
on my local machine at the time I was creating my droplet. I can SSH into my machine as root just fine via the command ssh root@remote_host
where remote_host
is my droplet’s IP address as given in the console. However, I would like to prohibit root logon to my droplet.
I created a new user by executing the commands adduser newusername
followed by gpasswd -a newusername sudo
to give the new user elevated privileges. I then manually copied over the contents of my public SSH key (from my local machine) following these instructions over to newusername
.
$ mkdir .ssh
$ chmod 700 .ssh
$ cd .ssh
$ vim authorized_keys
I then pasted in the public key and saved the file
$ chmod 600 authorized_keys
$ exit
# service ssh restart
When I tried to SSH in from my local machine using the command ssh newusername@remote_host
, I get the message Permission denied (publickey).
I even went back into the droplet and added the line AllowUsers newusername to the /etc/ssh/sshd_config
file but keep getting the same error.
UPDATE: I also tried running the following commands on my local machine, which is also running Ubuntu, but this did not work either:
$ eval `ssh-agent -s`
$ ssh-add ~/.ssh/id_rsa
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
I finally ended up solving this issue by following these directions from another thread.
I fixed the problem by putting my root public key to user’s .ssh/authorized_keys file. now I can login from my machine with root username to remote machine with myuser account.
issue this command by root
ssh -p ‘ssh port’ myuser@remoteip
@spython01
The users home directory needs to be owned by the user in question, as does the
.ssh
directory and theauthorized_keys
file.For example, a slightly different way of doing it that I use.
Create Directories and Files
Add The New User
Add User to sudo Group
Set Proper Permissions
Setup SSH Keys for myuser
Setup a Password for myuser
That way you can escalate using
sudo ....
.Login
Where
myuser
is the user we just created and setup, and-i myuser
tells SSH to use the key that I have locally on my MacBook.