Metakgp:SysAdmin/Create a new user on the server

From Metakgp Wiki
Jump to navigation Jump to search

Prerequisites

  • You need ROOT access on the server.

Process

NOTE: Replace [username] with the new user's username and [pub_key] with the user's RSA public key in all of the below commands.

  1. SSH into the server and run the command sudo adduser [username]. Fill out the password and other fields. The field Full Name MUST be filled and must contain the REAL name of the user who is being given access. This helps in keeping track of the people who have access to the server.
  2. Run the command sudo -i -u [username].
  3. Create the .ssh directory: mkdir ~/.ssh
  4. Create the ~/.ssh/authorized_keys file: touch ~/.ssh/authorized_keys.
  5. Paste the [pub_key] into this file using a text editor such as Vim or Nano. Do NOT add any extra whitespaces.
  6. Change file permissions: chmod 700 ~/.ssh and chmod 600 ~/.ssh/authorized_keys.
  7. Run the commands exit and sudo chage -d 0 [username]. This will force the user to change their password when they log in for the first time.

Command Summary

sudo adduser [username]
sudo -i -u [username]
mkdir ~/.ssh
vim ~/.ssh/authorized_keys # Hope you know how to exit Vim
# paste the [pub_key] into this file
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
exit
sudo chage -d 0 [username]

Optional

  • To give the user access to sudo command, run sudo usermod -aG sudo [username]. (WARNING: This gives the user root access aka god mode)
  • To give the user access to Docker containers and volumes, add them to the docker group with sudo usermod -aG docker [username].
  • For other permission groups (eg: administrator access), read Users and Groups (Arch Wik).

Reference: https://metakgp.slack.com/files/T0AHQ612B/FU2AYFCNR