Friday, April 25, 2008

OpenSSH Public Key Authorization on Linux

To find out whether a user exists on a Linux machine:
*    grep '^username:' /etc/passwd
or
*    id username

To give a new user access to a Linux machine:
1. Log in as the root user
2. Run this:
    $ /usr/sbin/adduser new_user
3. Set a new password:
    $ passwd new_user
    (enter the password when prompted)

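To give them root access:
4. Edit the /etc/sudoers file
    $ vi /etc/sudoers
   and add these two lines:
    User_Alias YOUR_GROUP = new_user
    YOUR_GROUP ALL=(ALL) NOPASSWD: ALL
   (NOPASSWD means sudo will not ask new_user for a password. Running visudo opens the same file and checks its syntax before saving.)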

To test whether new_user has been granted root access, run these two commands:
    $ su new_user    # user should be 'new_user' now
    $ sudo su        # user should be 'root' now
If both conditions are met, then new_user has root access.

If new_user wants to use public/private key authorization:
5. Switch to new_user
    $ su new_user
6. Create the ~/.ssh directory for the authorized_keys file if it doesn't exist yet
    $ mkdir -p ~/.ssh
    $ chmod 700 ~/.ssh
7. Insert the public key into the authorized_keys file
    $ vi ~/.ssh/authorized_keys
    (insert the public key entry)
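
Steps 6 and 7 as a repeatable script, added here as an example and not part of the original post: it sets the file mode on authorized_keys as well (a file created under a umask of 002 is group-writable) and then verifies the result. `install_pubkey` and `check_ssh_perms` are hypothetical helper names; the check covers the group/other write bits that sshd's StrictModes setting (on by default) rejects, and does not verify ownership.

```shell
#!/bin/sh
# Added example. install_pubkey and check_ssh_perms are hypothetical helpers.
# Typical use, run as new_user with a key file you supply:
#   install_pubkey "$HOME" "$(cat new_user_key.pub)" && check_ssh_perms "$HOME"

# install_pubkey HOME_DIR "PUBLIC KEY LINE"
# Creates HOME_DIR/.ssh (0700) and authorized_keys (0600), then appends the
# key only if that exact line is not already in the file.
install_pubkey() {
    ssh_dir="$1/.ssh"
    auth="$ssh_dir/authorized_keys"
    pubkey=$2

    # Catch the common paste mistakes: a private key, nothing, or several lines.
    case $pubkey in
        *"PRIVATE KEY"*) echo "refusing: that is a private key" >&2; return 1 ;;
    esac
    if [ -z "$pubkey" ] || [ "$(printf '%s\n' "$pubkey" | wc -l)" -ne 1 ]; then
        echo "refusing: expected exactly one non-empty line" >&2; return 1
    fi

    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # -x: match the whole line, -F: treat the key as a fixed string
    grep -qxF -e "$pubkey" "$auth" || printf '%s\n' "$pubkey" >> "$auth"
}

# check_ssh_perms HOME_DIR
# Succeeds only if the home directory, .ssh and authorized_keys all exist and
# none of them is writable by group or others.
check_ssh_perms() {
    for p in "$1" "$1/.ssh" "$1/.ssh/authorized_keys"; do
        [ -e "$p" ] || { echo "missing: $p" >&2; return 1; }
        # POSIX find: print the path if it carries g+w or o+w
        bad=$(find "$p" -prune \( -perm -020 -o -perm -002 \) -print)
        if [ -n "$bad" ]; then
            echo "writable by group or others: $p" >&2; return 1
        fi
    done
}
```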
