Add an SSH user to Digital Ocean: Difference between revisions

From CES IT Wiki

Revision as of 20:03, 8 October 2024

Add an SSH enabled user to Digital Ocean

Steps to build the local account and allow SSH connection

  1. Generate an SSH key pair.
  2. Log into the server via an already established SSH user.
  3. Create a new user
    1. sudo su
    2. adduser "username"
  4. Add the new user to the sudo group
    1. usermod -aG sudo "username"
  5. Change to the new user to create the folders and give them the correct permissions
    1. sudo su - "username"
    2. mkdir /home/"username"/.ssh
    3. chmod 700 /home/"username"/.ssh
    4. touch /home/"username"/.ssh/authorized_keys
    5. chmod 600 /home/"username"/.ssh/authorized_keys
  6. Copy the text of the .rsa file to the new authorized_keys file.
    1. The above is best practice but does not seem to work on our servers. Below are the extra steps to allow a user to authenticate via ssh.
  7. Become the root (sudo) user again
    1. sudo su
  8. Navigate to /etc/ssh/authorized_keys
    1. Create a new file named "username" containing the content of the authorized_keys file created above.
  9. This should allow the user to login via SSH as long as they have the matching private key in their local SSH folder and know the associated password.
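
An added example, not part of the wiki's own procedure: a shell function that checks the permissions, ownership and contents produced by steps 5 and 6 before a login is attempted. The function name check_ssh_dir is hypothetical, GNU stat (Linux) is assumed, and it assumes the key pasted in step 6 is the public half of the pair.

```shell
#!/bin/sh
# Added example: audit the layout built in steps 5-6 before testing a login.
# Assumes GNU stat (Linux). check_ssh_dir is a hypothetical helper name.
# Usage: check_ssh_dir /home/username/.ssh "$(id -u username)"

check_ssh_dir() {
    dir=$1; want_uid=$2; keys="$dir/authorized_keys"; problems=0

    if [ ! -d "$dir" ] || [ ! -f "$keys" ]; then
        echo "missing $dir or $keys"
        return 1
    fi

    # Steps 5.3 and 5.5: 700 on the directory, 600 on the key file.
    for pair in "$dir:700" "$keys:600"; do
        path=${pair%:*}; want=${pair##*:}
        mode=$(stat -c '%a' "$path")
        if [ "$mode" != "$want" ]; then
            echo "$path: mode $mode, expected $want"
            problems=$((problems + 1))
        fi
        # Both must belong to the account that will log in.
        uid=$(stat -c '%u' "$path")
        if [ "$uid" != "$want_uid" ]; then
            echo "$path: owner uid $uid, expected $want_uid"
            problems=$((problems + 1))
        fi
    done

    # Step 6: authorized_keys takes the public half of the pair only.
    if grep -q 'PRIVATE KEY' "$keys"; then
        echo "$keys: contains a private key; replace it with the public key"
        problems=$((problems + 1))
    fi
    if ! grep -Eq '(ssh-(rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/]+' "$keys"; then
        echo "$keys: no public key line found"
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ]
}

# Run the check when called as a script with a directory and a numeric uid.
if [ "$#" -eq 2 ]; then check_ssh_dir "$1" "$2"; fi
```

The function prints one line per problem and returns non-zero if any were found, so it can gate the login test in step 9.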

Troubleshooting

SSH errors

In /etc/ssh/sshd_config, change PermitRootLogin yes back to no.

AllowUsers test username