So you've just spun up a sweet new Amazon EC2 instance and you want give access to some collaborators so you can work on the latest open-source project. Well today we're going to walk through how to create a user and give them ssh access. The following instructions are for Ubuntu 12.04 but should work for most linux flavors.
To add a user:
$ sudo adduser bob Adding user `bob' ... Adding new group `bob' (1004) ... Adding new user `bob' (1004) with group `bob' ... Creating home directory `/home/bob' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: . . .
So we've just created user "bob" but we still need to give him the ability to login into the server. We can do this two ways either with a user:password or public key authentication. The smarter (but slightly more complicated way) is to use the public key method so our users aren't sending plaintext passwords over the wire when they login. In order to setup ssh for a user, we need a place to put their public key so that ssh daemon knows where to look. The default location is the .ssh directory in the users home and the default file where the public keys are stored is called authorized_keys.
Switch to the user you just created:
sudo su bob
Change to his home directory:
Make the .ssh directory:
mkdir .ssh && cd .ssh/
Create the authorized_keys file:
Now, when Bob sends you his public key, simply add it into the authorized keys file. Now we need to get the ssh daemon to allow bob to login and to do this we need to edit the sshd_config file.
$ sudo vi /etc/ssh/ssd_config
AllowUsers bob to the file.
$ sudo restart ssh
Now bob can ssh into our server but what if we want to give him sudo rights? Many sources tell you to edit the sudoers file using
sudo visudo but I've found the easier way is simply to add a config file into the sudoers.d directory.
$ cd /etc/sudoers.d/ $ vi new-sudoers
Add this line into the file:
bob ALL=(ALL) and voila, bob now has sudo permission.