SSH user directory setup on Linux

Recommended directories, files, and permissions for each user's SSH config - Blog by SH3LL

SH3LL

SSH SETUP FOR NEW USERS

A quick reference guide for setting up SSH directories, files, and permissions for new Linux users. This guide assumes you are currently logged in as your new user and that the user has sudo privileges.


  1. Navigate to your home directory
cd ~/

  2. Check if the ".ssh" directory exists
ls -la

If the .ssh directory already exists, skip to step 4; otherwise, continue with setup.


  3. Make the .ssh directory
sudo mkdir ~/.ssh

Add the correct permissions

sudo chmod 700 ~/.ssh

Add the correct ownership

sudo chown mynewusername:mynewusername ~/.ssh

  4. Check if there is an "authorized_keys" file
cd ~/.ssh
ls -la

If the authorized_keys file exists, skip to step 6; otherwise, continue with setup.


  5. Create the authorized_keys file
touch ~/.ssh/authorized_keys

Add the correct permissions

sudo chmod 600 ~/.ssh/authorized_keys

Add the correct ownership

sudo chown mynewusername:mynewusername ~/.ssh/authorized_keys

  6. If you need to create a key pair, on your local system (not the remote ssh target), create a new key pair using the steps listed here and don't forget to add the private key to your authentication agent.

  7. The key now needs to be added to the authorized_keys file on your remote system. From your local host, run the following command:

Linux

ssh-copy-id -i "path/to/public/key" mynewusername@IP

Windows

ssh-copy-id -i "path\to\public\key" mynewusername@IP

Or do it manually by copying the contents of your new public key (.pub) and pasting them into the following command on the remote system.

echo "public key goes here in quotes" >> ~/.ssh/authorized_keys

Verify the key was added correctly

cat ~/.ssh/authorized_keys

  8. If you have /etc/ssh/sshd_config locked down by allowed users, you will need to add the new user to the AllowUsers line.
sudo nano /etc/ssh/sshd_config
AllowUsers existingusername mynewusername

  9. Restart ssh
sudo systemctl restart ssh
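
To confirm the layout built in steps 3 to 5, the following added example (not part of the original post) checks that .ssh is mode 700, authorized_keys is mode 600, and both are owned by the user. The function names check_path and audit_ssh_dir are hypothetical, and the script assumes GNU stat (stat -c) as found on typical Linux systems.

```shell
#!/bin/sh
# Added example: audit the ~/.ssh layout described in this guide.
# sshd's StrictModes option (on by default) checks file modes and ownership
# before accepting a login, so a mismatch here can break key authentication.

# check_path PATH KIND(dir|file) MODE OWNER
# Prints one line per finding; returns 1 if anything is wrong, 0 otherwise.
check_path() {
    path=$1; kind=$2; want_mode=$3; want_owner=$4
    case $kind in
        dir)  [ -d "$path" ] ;;
        file) [ -f "$path" ] ;;
    esac || { echo "MISSING  $path (expected a $kind)"; return 1; }

    mode=$(stat -c '%a' "$path")    # octal permissions, e.g. 700
    owner=$(stat -c '%U' "$path")   # owning user name
    rc=0
    if [ "$mode" != "$want_mode" ]; then
        echo "MODE     $path is $mode, expected $want_mode"; rc=1
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "OWNER    $path is owned by $owner, expected $want_owner"; rc=1
    fi
    return "$rc"
}

# audit_ssh_dir HOME_DIR USERNAME
# Returns the number of paths with problems (0 means the layout is correct).
audit_ssh_dir() {
    home=$1; user=$2; issues=0
    check_path "$home/.ssh" dir 700 "$user" || issues=$((issues + 1))
    check_path "$home/.ssh/authorized_keys" file 600 "$user" || issues=$((issues + 1))
    if [ "$issues" -eq 0 ]; then
        echo "OK       $home/.ssh matches the expected layout"
    fi
    return "$issues"
}

# Run as: sh audit_ssh.sh /home/mynewusername mynewusername
if [ "$#" -eq 2 ]; then
    audit_ssh_dir "$1" "$2"
fi
```

A root-owned .ssh directory left over from the sudo mkdir in step 3 (when the chown was skipped) shows up as an OWNER finding.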

Thanks for reading!

- SH3LL