[colug-432] Creating SSH for New User

William Yang wyang at gcfn.net
Wed May 13 13:13:03 EDT 2015


... or, more precisely:

cd [userhomedir]
find .ssh \( -type f -exec chmod 0600 -v {} \; \) \
	-o \( -type d -exec chmod -v 0700 {} \; )

You'll need the execute bit on directories but probably not on other files
in your .ssh directory.



On 05/10/2015 10:33 PM, Chris Embree wrote:
> I'm not sure if Debian/Ubuntu is different from SuSE/RHEL, but I
> include the -m flag to create the users home dir.
> 
> Likewise I typically use visudo to edit sudoers and ensure no type-o's.
> 
> In real problem solving, I think the 700 permissions are more bad than
> good as far as SSH is concerned.    Make sure "User" owns everything
> and perms are 600.
> 
> 
> 
> On 5/10/15, Steve VanSlyck <s.vanslyck at postpro.net> wrote:
>> My new user (me) can't log on via SSH. Can someone look this over and
>> tell me what super basic thing I've done wrong?
>>
>> What I did:
>>
>> _As root_:
>>
>> Add user "name" /usr/sbin/adduser name Create password passwd name
>> [created the password] Give root permissions sudo nano /etc/sudoers
>> [added the line name ALL=(All) ALL Re-enabled password authentication in
>> sshd_config and restarted sshd
>>
>> _As the new user "name"_:
>>
>> made directory mkdir ./ssh created file and added public key to file
>> authorized keys sudo nano ~/.ssh/authorized_keys [entered the public key
>> (which I call a "lock")] updated permissions "just in case" chmod 700
>> ~/.ssh chmod 600 ~/.ssh/authorized_keys
>>
>> tried to login with the private key Result: server refused the key.
>>
>> Any idea what I'm doing wrong?
>>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
> 


-- 
William Yang
wyang at gcfn.net


More information about the colug-432 mailing list