Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Current »

These steps will let the user that you create ssh to a running instance using a password you set.  The user can reset the password once they login and/or add their ssh keys.

Step-by-step guide

All steps to be run as root or using sudo. <USERNAME> should be replaced with an actual username

  1. Sudo or otherwise become root: sudo su -
  2. Create the user: adduser <username>
  3. Assign a temporary password: passwd <username> 
  4. Add the user to group "users" : usermod -a -G users <username>
    If don't do this step, you'll get a "connection denied" message when you try to ssh in.


After you create the User

Determine if you have a user's public SSH key and/or will use passwords.

• If you have the user's public SSH key, do the following:

  1. Create the users .ssh directory:  mkdir ~<username>/.ssh/

  2. Set the permissions on this directory:  chmod 700 ~<username>/.ssh/
  3. Set the user to own this directory: chown <username>:<username> ~<username>/.ssh/
  4. Authorize the key: Copy the user's public ssh into ~<username>/.ssh/ and use an editor to create/edit the file authorized_keys in that directory and paste the contents of their public SSH into that file
  5. Set the permissions to the authorization file:  chown <username>:<username> ~<username>/.ssh/authorized_keys

AND/OR

• Do these steps to enable password use. It is best, from a security standpoint, to ONLY allow public key access, as above.

  1. Edit /etc/ssh/sshd_config and add the line PasswordAuthentication yes and then save the file
  2. Restart sshd ('service sshd restart' for CentOS 6, 'service ssh restart' for Ubuntu 14.04 systems, -OR- 'systemctl sshd restart' for CentOS 7 and Ubuntu 16/18)

  • No labels