Add an SSH user to Digital Ocean: Difference between revisions

Latest revision as of 20:04, 8 October 2024

Generate an SSH key pair.
Log into the server via already established SSH user.
Create a new user
1. sudo su
2. adduser "username"
Add the new user to the sudo group
1. usermod -aG sudo "username"
change to new user to create and give folders correct permissions
1. sudo su - new_user
2. mkdir /home/"username"/.ssh
3. chmod 700 /home/"username"/.ssh
4. touch /home/"username"/.ssh/authorized_keys
5. chmod 600 /home/"username"/.ssh/authorized_keys
Copy the text of the .rsa file to the new authorized_keys file.
1. The above is best practice but does not seem to work on our servers. Below are the extra steps to allow a user to authenticate via ssh.
Become root sudo user again
1. sudo su
Navigate to /etc/ssh/authorized_keys
1. create a new file with "username" as the title and the content of the authorized_keys file created above.
This should allow the user to login via SSH as long as they have the matching private key in their local SSH folder and know the associated password.

SSH errors

Change /etc/ssh/sshd_config

permitRootLogin yes

back to no

AllowUsers test username

@@ Line 21: / Line 21: @@
 ## create a new file with "username" as the title and the content of the authorized_keys file created above.
 # This should allow the user to login via SSH as long as they have the matching private key in their local SSH folder and know the associated password.
+=== Troubleshooting ==
+SSH errors
+:Change /etc/ssh/sshd_config
+::permitRootLogin yes
+:::back to no
+::AllowUsers test username