Skip to content

Instantly share code, notes, and snippets.

@mehdi89

mehdi89/create a user as ubuntu after creating a new droplet in digital ocean and allow ssh sudo.md

Created December 20, 2023 16:29
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save mehdi89/ca7e757037d766daabdbab3a447d29de to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save mehdi89/ca7e757037d766daabdbab3a447d29de to your computer and use it in GitHub Desktop.
Download ZIP
create a user as ubuntu after creating a new droplet in digital ocean and allow ssh sudo
Raw
create a user as ubuntu after creating a new droplet in digital ocean and allow ssh sudo.md

To create a new user with sudo privileges and enable SSH access on an Ubuntu system after creating a new droplet, follow these steps:

  1. Log in to the Droplet: Use SSH to log in to the droplet as the root user.

    ssh root@your_droplet_ip

  2. Create a New User: Replace username with the desired username.

    adduser username

  3. Grant Sudo Privileges: Add the new user to the sudo group.

    usermod -aG sudo username

  4. Set Up SSH for the New User:

    a. Switch to the new user account.

     ```bash
 su - username
 ```

    b. Create a .ssh directory.

     ```bash
 mkdir ~/.ssh
 chmod 700 ~/.ssh
 ```

    c. On your local machine, generate an SSH key pair if you haven't already.

     ```bash
 ssh-keygen
 ```

    d. Copy the public key to the server. Replace local_machine with your local machine's IP and username with your new user's name.

     ```bash
 ssh-copy-id username@local_machine
 ```

    e. Alternatively, you can manually paste your SSH public key into the new user's ~/.ssh/authorized_keys file.

     ```bash
 nano ~/.ssh/authorized_keys
 # Paste the SSH public key here
 chmod 600 ~/.ssh/authorized_keys
 ```

  5. Test the SSH Connection: Log out from the droplet and try logging in with the new user.

    ssh username@your_droplet_ip

  6. (Optional) Disable Root SSH Login: For security, you might want to disable SSH login for the root user. Edit the SSH configuration file:

    sudo nano /etc/ssh/sshd_config

    Find the line PermitRootLogin yes and change it to PermitRootLogin no. Restart the SSH service:

    sudo systemctl restart sshd

To remove the requirement for a password when running sudo commands for a specific user, you need to edit the sudoers file. This file controls the sudo privileges. Here's how to do it:

  1. Edit the sudoers file: Use the visudo command to safely edit the sudoers file. It's important to use visudo because it checks for syntax errors before saving, which can prevent lockouts.

    sudo visudo

  2. Add a No-Password Entry: In the visudo editor, add the following line at the end of the file, replacing username with your user's name. This line specifies that your user can run sudo commands without entering a password.

    username ALL=(ALL) NOPASSWD: ALL

  3. Save and Exit: Save the file and exit. In most cases, this is done by pressing Ctrl + X, then Y, and Enter if you are using the Nano editor.

  4. Test the Change: Test the new configuration by running a sudo command with the user. It should not prompt for a password.

    sudo [some command]

Be cautious with this setting, as it increases security risks. Ensure that this user is secure and that you understand the implications of allowing passwordless sudo access.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment