Versions Compared

Version Old Version 18 New Version Current
Changes made by

David Lau

David Lau

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
stylenone

Create administrator account

...

  • Login to the machine with the ece-li-admin account.

  • Add the new user account:

    Code Block
    sudo adduser username <username> --disabled-password --gecos ""

  • Enter any relevant information for the user account.

  • Add the user to the sudo group:

    Code Block
    sudo usermod -aG sudo username<username>

  • To test the new account, logout and log back in using the new user account.

...

The preferred method of authenticating users for accessing the system is through the use of SSH keys. The user generates their own key pair and sends the public key portion to the server administrator for enabling the account.

Create

...

A user account needs to exist to which the SSH key will be associated. If the user account does not already exist, create it.

...

Create the user account.

Code Block
sudo adduser username

...

Do not enter a password when prompted, as the SSH key will be the method of authentication.

If necessary, add the user to the sudo group.

...

administrator account

Create administrator account using instructions above.

User .ssh folder

Setup the user SSH folder.

...

  • Run visudo.

    Code Block
    sudo visudo

  • Find the sudo group entry. It will look like the following:

    Code Block
    %sudo   ALL=(ALL:ALL) ALL

  • Add a no-password rule:

    Code Block
    your_username ALL=(ALL:ALL) NOPASSWD:ALL

    If you wish to remove the sudo password requirement for all users:

    Code Block
    %sudo   ALL=(ALL:ALL) NOPASSWD:ALL

  • Exit visudo and save by pressing CTRL+X, then Y, and then ENTER.

...

  • Create ~/.ssh/config file.

    Code Block
    sudo nano ~/.ssh/config

  • Add entry for server. For example,

    Code Block
    Host openedx-01
  Hostname ece-openedx-01.eng.uwaterloo.ca
  User d24lau
  IdentifyFileIdentityFile /Users/d24lau/.ssh/id_rsa_d24lau_01

  • Exit and save.

  • Load the key into the SSH Agent. For example,

    Code Block
    sudo chmod 600 ~/.ssh/id_rsa_d24lau_01
ssh-add ~/.ssh/id_rsa_d24lau_01

Remove password

If an account was enabled with a password, but now the password is to be removed (i.e. for SSH key access only):

Code Block
sudo passwd -l <username>