Code Monkey home page Code Monkey logo

setup_new_unix_user's Introduction

Setup a New Linux User

A few notes on the setup process for a new user under Linux/UNIX systems.

User Creation and Setup

Create a new user $USER by running:

sudo useradd $USER

After setting up a user password for $USER:

sudo passwd $USER

Make sure to create a home directory at the selected location $USER_HOME by running:

sudo mkdir $USER_HOME
sudo cp -rT /etc/skel $USER_HOME
sudo usermod -d $USER_HOME $USER
sudo chown -R $USER:$USER $USER_HOME

To set a default shell for $USER, run:

sudo usermod --shell /bin/bash $USER

Adding Users to a Group/Group Management

To create a new group $GROUP, run:

sudo groupadd $GROUP

To add $USER to $GROUP, run:

sudo usermod -a -G $GROUP $USER

To change the group and user ownership of a folder/file $FILE to that of $USER and $GROUP, run:

sudo chown -R $USER:$GROUP $FILE

To change the group ownership of a folder/file $FILE to that of $GROUP, run:

sudo chgrp -R $GROUP $FILE

Setup SSH-key Only Access for a User

After logging in with the desired user, to generate an (RSA 4096) SSH keypair {$KEY, $KEY.pub} run:

ssh-keygen -t rsa -b 4096 -f $USER_HOME/.ssh/$KEY

To turn on and off the password/SSH publickey access, edit the associated lines in the SSH daemon config file and then restart the daemon:

sudo nano /etc/ssh/sshd_config
sudo service ssh restart

After the keypair is generated, turn off the publickey only authentication. Using the terminal on the machine you want to install the key on, connect to the remote server. After copying the private key locally (either SSH'ing and copying the content of the private key file, or using scp - e.g., scp $USER@$IP_ADDR_REMOTE:$USER_HOME/.ssh/$KEY $LOCAL_HOME/.ssh), run the following command:

ssh-copy-id -i $LOCAL_HOME/.ssh/$KEY $USER@$IP_ADDR_REMOTE

After this operation, turn off the with-password access on the remote host. After rebooting the SSH daemon on the remote machine, the following command should not work anymore (and give the error):

ssh $USER@$IP_ADDR_REMOTE

>> $USER@$IP_ADDR_REMOTE: Permission denied (publickey).

On the contrary, the following should:

ssh $USER@$IP_ADDR_REMOTE -i $LOCAL_HOME/.ssh/$KEY

Sources

The Complete Guide to “useradd” Command in Linux

Managing Users on Linux Systems

SSH Keygen

Force SSH to only allow users with a key to log in

Copy SSH Keys to a Remote Host

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.