Trying to add in a second user (not for my use) to server

April 27, 2017 309 views
Networking Ubuntu 16.04

I am trying to add a new user to an existing droplet that already has a root user that requires a key for login. Originally I wanted the new user to be able to log in with a key too for security, but I guess I am a dumb ass because I have no idea what the tutorials regarding SSH Keys are trying to get me to do (except the ones that only show you how to add one to root, but those are currently useless to me). At this point, I'd be willing to call it a success if I could even get a new user that works without requiring a key but despite not doing anything to the user except creating it, I cannot seem to get it to log in as it wants a key for that user.

At this point I am grasping at strawing and pulling out my hair. I have no idea what to do and no idea what to do past this.

2 Answers

adduser foo, public keys go into ~/.ssh/authorized_keys

@julianswebb

Adding a new user can be done with useradd, though getting everything to work with an SSH Key requires a little more work.

1). Create Users' Home and .ssh Directories

mkdir -p /home/newuser/.ssh

2). Touch authorized_keys (creates the file)

touch /home/newuser/.ssh/authorized_keys

3). Add Public Key to authorized_keys. You'll replace .... with the public key.

echo "...." >> /home/newuser/.ssh/authorized_keys

4). Add new user and set home directory.

useradd -d /home/newuser newuser

5). Setup proper permissions.

chown -R newuser:newuser /home/newuser/*
chmod 700 /home/newuser/.ssh
chmod 600 /home/newuser/.ssh/authorized_keys

6). Reduce permissions on /home/newuser.

chmod 750 /home/newuser

...

Keep in mind, this isn't a sudo user - it's a basic user with no real privileges other than the ability to login using SSH (not SFTP), thus can't escalate to root. If you need to make this user a sudo user, you can use:

usermod -aG sudo newuser

The above appends the sudo group to the user, which will allow them to run commands using:

sudo [command-name]

For example:

sudo apt-get update
Have another answer? Share your knowledge.