Add an SSH user to Digital Ocean

From CES IT Wiki
Revision as of 17:50, 6 June 2023 by Kyle.Madsen

Add an SSH enabled user to Digital Ocean

Steps to build the local account and allow SSH connection

  1. Generate an SSH key pair.
  2. Log into the server via an already established SSH user.
  3. Create a new user.
    1. sudo su
    2. adduser "username" --disabled-password
  4. Add the new user to the sudo group.
    1. usermod -aG sudo "username"
  5. Change to the new user to create the folders and give them the correct permissions.
    1. sudo su - "username"
    2. mkdir /home/"username"/.ssh
    3. chmod 700 /home/"username"/.ssh
    4. touch /home/"username"/.ssh/authorized_keys
    5. chmod 600 /home/"username"/.ssh/authorized_keys
  6. Copy the text of the .rsa file to the new authorized_keys file.
    1. The above is best practice but does not seem to work on our servers. Below are the extra steps to allow a user to authenticate via ssh.
  7. Become the root user again.
    1. sudo su
  8. Navigate to /etc/ssh/authorized_keys.
    1. Create a new file named "username" containing the content of the authorized_keys file created above.
  9. This should allow the user to log in via SSH as long as they have the matching private key in their local SSH folder and know the associated password.
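
The extra steps are consistent with sshd reading keys from /etc/ssh/authorized_keys/"username" instead of the user's home directory. The added example below (not part of the original wiki page) resolves where sshd will look for a given user and checks that the key file is not group- or world-writable. It assumes an AuthorizedKeysFile value of /etc/ssh/authorized_keys/%u, which the page does not show, and the function names and sample user are hypothetical.

```shell
#!/bin/sh
# Added example, not from the wiki page. On a live server, read the real
# setting as root with:  sshd -T | grep -i authorizedkeysfile
# ASSUMED value for this server (not shown on the page):
PATTERN='/etc/ssh/authorized_keys/%u'

# Expand the sshd tokens %u (user), %h (home directory) and %% (literal %)
# in one AuthorizedKeysFile pattern. A result that is not absolute is taken
# relative to the user's home directory, as sshd does.
expand_keys_path() {
    pattern=$1; user=$2; home=$3; out=
    while [ -n "$pattern" ]; do
        case $pattern in
            %u*) out=$out$user; pattern=${pattern#"%u"} ;;
            %h*) out=$out$home; pattern=${pattern#"%h"} ;;
            %%*) out=$out%;     pattern=${pattern#"%%"} ;;
            *)   rest=${pattern#?}            # copy one ordinary character
                 out=$out${pattern%"$rest"}
                 pattern=$rest ;;
        esac
    done
    case $out in
        /*) ;;
        *)  out=$home/$out ;;
    esac
    printf '%s\n' "$out"
}

# Succeed only if the key file exists and has no group/other write bit.
# sshd also requires the owner to be root or the user; check that with ls -l.
keys_file_ok() {
    [ -f "$1" ] || return 1
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# Constructed sample user; replace with the account created above.
keys=$(expand_keys_path "$PATTERN" "exampleuser" "/home/exampleuser")
if keys_file_ok "$keys"; then
    echo "OK: $keys"
else
    echo "Missing or writable by group/others: $keys"
fi
```

If the pattern reported by sshd -T is the default .ssh/authorized_keys, the file created in step 5 is the one sshd reads and the /etc/ssh/authorized_keys copy is not consulted.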