Add an SSH user to Digital Ocean: Difference between revisions

From CES IT Wiki
No edit summary
 
Line 24: Line 24:
=== Troubleshooting ==
=== Troubleshooting ==
SSH errors
SSH errors
 
:Change /etc/ssh/sshd_config
Change /etc/ssh/sshd_config
::permitRootLogin yes
 
:::back to no
permitRootLogin yes
::AllowUsers test username
 
back to no
 
AllowUsers test username
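Review bot: The heading context line "=== Troubleshooting ==" opens with three equals signs and closes with two, so MediaWiki renders it as a level-two heading whose title is "= Troubleshooting"; balance it as "== Troubleshooting ==". On the changed lines, removing the leading colons drops the indentation that tied "back to no" to "permitRootLogin yes", so the instruction now reads as three unrelated lines. Consider rewriting it as one sentence saying that PermitRootLogin should be set back to no in /etc/ssh/sshd_config, and state what "AllowUsers test username" is meant to check.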

Latest revision as of 20:04, 8 October 2024

Add an SSH enabled user to Digital Ocean


Steps to build the local account and allow SSH connection

  1. Generate an SSH key pair.
  2. Log into the server via an already established SSH user.
  3. Create a new user
    1. sudo su
    2. adduser "username"
  4. Add the new user to the sudo group
    1. usermod -aG sudo "username"
  5. Change to the new user to create the folders and give them the correct permissions
    1. sudo su - "username"
    2. mkdir /home/"username"/.ssh
    3. chmod 700 /home/"username"/.ssh
    4. touch /home/"username"/.ssh/authorized_keys
    5. chmod 600 /home/"username"/.ssh/authorized_keys
  6. Copy the text of the .rsa file to the new authorized_keys file.
    1. The above is best practice but does not seem to work on our servers. Below are the extra steps to allow a user to authenticate via SSH.
  7. Become the root sudo user again
    1. sudo su
  8. Navigate to /etc/ssh/authorized_keys
    1. Create a new file with "username" as the title and the content of the authorized_keys file created above.
  9. This should allow the user to login via SSH as long as they have the matching private key in their local SSH folder and know the associated password.
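
Why step 6 alone may not be enough, shown as an added example (not from the wiki or its authors): assuming the servers' sshd_config sets AuthorizedKeysFile to per-user files under /etc/ssh/authorized_keys, which the page does not state, sshd never reads the file in the user's home directory. The hypothetical helpers authorized_keys_paths and key_file_ok report which file sshd consults for a user and whether its mode is acceptable; the sample config and the user alice are constructed.

```sh
#!/bin/sh
# Added example, not from the wiki page. Assumption: the server's sshd_config
# may set AuthorizedKeysFile, which decides where sshd looks for a user's keys.

# authorized_keys_paths CONFIG USER HOME
# Print the key file(s) sshd would read for USER, from the first global
# AuthorizedKeysFile line in CONFIG (Match blocks are not evaluated).
authorized_keys_paths() {
  awk -v user="$2" -v home="$3" '
    function expand(p,    out, i, c, r) {  # sshd tokens: %u user, %h home, %% literal
      out = ""
      while ((i = index(p, "%")) > 0) {
        c = substr(p, i + 1, 1)
        r = (c == "u") ? user : ((c == "h") ? home : ((c == "%") ? "%" : "%" c))
        out = out substr(p, 1, i - 1) r
        p = substr(p, i + 2)
      }
      return out p
    }
    function emit(p) {
      if (p == "none") return                # "none" disables key files
      p = expand(p)
      if (substr(p, 1, 1) != "/") p = home "/" p   # relative paths are under HOME
      print p
    }
    tolower($1) == "match" { exit }          # keywords are case-insensitive
    tolower($1) == "authorizedkeysfile" { found = 1; for (n = 2; n <= NF; n++) emit($n); exit }
    END { if (!found) { emit(".ssh/authorized_keys"); emit(".ssh/authorized_keys2") } }
  ' "$1"
}

# key_file_ok FILE: succeed only if FILE exists and is not group- or
# world-writable, which sshd (StrictModes) requires before trusting it.
key_file_ok() {
  [ -f "$1" ] || { echo "missing: $1"; return 1; }
  [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ] ||
    { echo "group/world-writable: $1"; return 1; }
}

# Constructed sample config (assumed; mirrors the per-user files of step 8).
sample=$(mktemp)
printf '%s\n' '#AuthorizedKeysFile .ssh/authorized_keys' \
  'AuthorizedKeysFile /etc/ssh/authorized_keys/%u' >"$sample"
authorized_keys_paths "$sample" alice /home/alice   # prints /etc/ssh/authorized_keys/alice
```

On a live server, `sudo sshd -T | grep -i authorizedkeysfile` prints the value sshd actually uses, which is the authoritative answer when the config contains Include or Match directives.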

Troubleshooting


SSH errors

Change /etc/ssh/sshd_config:
  permitRootLogin yes
    change back to no
  AllowUsers test username