Question

Temp access to a Droplet

Posted May 16, 2020 512 views
ApacheSecurity

Hi

Anyone knows how to give a Temp access to a droplet for the configuration purposes ? Say to a developer to update the DB . and after the job done to remove the user , Can this be done ?

Cyrus

1 comment
  • Yes.

    Create a new user (you may need to give them sudo access).
    It would be best also to get their public ssh key and permit access only with that.
    Then remove it afterwards.

    Now- important to note if you allow password based login (Or either way) you should also check that they have not made any others users or changed any other users passwords.

    Make sure you trust them 😶

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi @cyruscaviani,

What @Sheldon is completely correct, the best way is to create a sudo user, add the SSH keys of your developer for that user and allow them access. If you are not sure how to do that, I’ll recommend checking out the following tutorial:

https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-18-04

After you’ve done that,you might wish to forbid certain commands to be executed by the user, you can follow this mini tutorial to restrict sudo users to only a handful commands :

https://www.digitalocean.com/community/questions/mini-tutorial-restricting-sudo-users-to-only-a-handful-commands

Regards,
KDSys

by Justin Ellingwood
by Erika Heidi
This guide will walk you through a few procedures that you should take early on in order to create a solid foundation for your new Ubuntu 18.04 server, before moving on to installing and configuring any software or services.