These steps will let the user that you create ssh to a running instance using a password you set. The user can reset the password once they login and/or add their ssh keys.
All steps to be run as root or using sudo. <USERNAME> should be replaced with an actual username
- Sudo or otherwise become root: sudo su -
- Create the user: adduser <username>
- Assign a temporary password: passwd <username>
- Add the user to group "users" : usermod -a -G users <username>
If don't do this step, you'll get a "connection denied" message when you try to ssh in.
Determine if you have a user's public SSH key and/or will use passwords.
• If you have the user's public SSH key, do the following:
Create the users .ssh directory: mkdir ~<username>/.ssh/
- Set the permissions on this directory: chmod 700 ~<username>/.ssh/
- Set the user to own this directory: chown <username>:<username> ~<username>/.ssh/
- Authorize the key: Copy the user's public ssh into ~<username>/.ssh/ and use an editor to create/edit the file authorized_keys in that directory and paste the contents of their public SSH into that file
- Set the permissions to the authorization file: chown <username>:<username> ~<username>/.ssh/authorized_keys
• Do these steps to enable password use. It is best, from a security standpoint, to ONLY allow public key access, as above.
- Edit /etc/ssh/sshd_config and add the line PasswordAuthentication yes and then save the file
- Restart sshd ('service sshd restart' for CentOS 6, 'service ssh restart' for Ubuntu 14.04 systems, -OR- 'systemctl restart sshd ' for CentOS 7 and Ubuntu 16/18)