User login

Home
 Update a Debian user's password and passkey and grant sudo access

Update a Debian user's password and passkey and grant sudo access

Submitted by Benjamin Melançon on September 29, 2008 - 6:36am
in

For a user named agaric:

sudo passwd agaric
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

From a different server with working id_dsa public key that had been cat'd into authorized_keys:

scp authorized_keys ben@example.org:~

Then back on the server to which we're updating this user, from your own home directory to which you just uploaded the authorized keys file.
sudo mv authorized_keys /home/agaric/.ssh

Alternatively (and more likely your situation), get and upload the user's public key, and cat it into authorized_keys, creating that file if necessary. (See creating SSH keys.)

... but, our user still cannot login without a password.

i cannot change the owner of the authorized_keys file. perhaps that's the root of the problem.

To which I responded:

blast! i swear this is documented on Agaric somewhere, i remember this now

ben@example.org:/home/agaric/.ssh$ ls -la
total 20
drwxr-xr-x 2 agaric agaric 4096 Sep 21 16:08 .
drwxr-xr-x 8 agaric agaric 4096 Jul 22 2007 ..
-rw-r--r-- 1 agaric agaric 799 Jul 22 2007 OLD_authorized_keys
-rw-r--r-- 1 ben ben 396 Sep 21 16:02 authorized_keys
-rw-r--r-- 1 agaric agaric 442 Jul 22 2007 known_hosts

ben@example.org:/home/agaric/.ssh$ sudo chown agaric:agaric authorized_keys
ben@example.org:/home/agaric/.ssh$ ls -la
total 20
drwxr-xr-x 2 agaric agaric 4096 Sep 21 16:08 .
drwxr-xr-x 8 agaric agaric 4096 Jul 22 2007 ..
-rw-r--r-- 1 agaric agaric 799 Jul 22 2007 OLD_authorized_keys
-rw-r--r-- 1 agaric agaric 396 Sep 21 16:02 authorized_keys
-rw-r--r-- 1 agaric agaric 442 Jul 22 2007 known_hosts

I let our user know:

ok, it's changed to being owned by you

Test successful!

Now the public key login works.

What else is there to say?

awesome

Now that the user has a secure public key, let's give them sudo privileges.

Adding a user to sudo access, the sudoers file:

Not this way:
sudo vi /etc/sudoers

# This file MUST be edited with the 'visudo' command as root.

This way:

$ su root
Password:

visudo

Resolution

Searched words: 
ssh access to servers no password reload ssh daemon set user password debian

Comments

SSH

Submitted by romy (not verified) on January 22, 2012 - 5:02pm.

thanks ben <3

Post new comment

The content of this field is kept private and will not be shown publicly.
  • You may post code using <code>...</code> (generic) or <?php ... ?> (highlighted PHP) tags.
  • You can use Markdown syntax to format and style the text. Also see Markdown Extra for tables, footnotes, and more.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <blockquote> <small> <h2> <h3> <h4> <h5> <h6> <sub> <sup> <p> <br> <strike> <table> <tr> <td> <thead> <th> <tbody> <tt> <output>
  • Lines and paragraphs break automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.