Use an SSH Key with Non-root Users
source link: https://www.vultr.com/docs/using-your-ssh-key-to-login-to-non-root-users
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Introduction
Vultr provides a feature that allows you to pre-install SSH keys when creating a new instance, so you can SSH to the instance as root with the key. However, the key doesn't work for non-root users. This tutorial describes three methods to use SSH keys with non-root users.
Requirements
- A Vultr Linux or BSD instance
- A non-root user account (it is example_user in this tutorial)
Option 1: Create a New SSH Key
- SSH to the instance as root.
Create an SSH key for example_user.
# sudo -u example_user ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/example_user/.ssh/id_rsa): Created directory '/home/example_user/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/example_user/.ssh/id_rsa Your public key has been saved in /home/example_user/.ssh/id_rsa.pub
Save the private key,
/home/example_user/.ssh/id_rsa
, to your computer. For example, you might copy it to your local .ssh folder as~/.ssh/example_user_id_rsa
.Delete the private key from your instance.
# rm /home/example_user/.ssh/id_rsa
Rename the public key to
authorized_keys
.# mv /home/example_user/.ssh/id_rsa.pub /home/example_user/.ssh/authorized_keys
If you saved the private key as ~/.ssh/example_user_id_rsa
, you can SSH to the server as your non-root example_user:
$ ssh -i ~/.ssh/example_user_id_rsa [email protected]
Option 2: Move the root SSH Key to the Non-root User
In this case, we'll move the root key to the example_user, which also disables the root user's SSH key access.
- SSH to the instance as root.
Create the
.ssh
directory for example_user.# mkdir /home/example_user/.ssh
Move the root key to example_user's SSH directory.
# mv /root/.ssh/authorized_keys /home/example_user/.ssh/
Change the ownership of the
.ssh
directory from root to example_user so OpenSSH can read it.# chown -R example_user:example_user /home/example_user/.ssh
Option 3: Use Startup Scripts
If you are deploying many instances, you may use the Vultr Startup Scripts feature to create a non-root user and move the SSH key automatically.
Create a Startup Script
- Select Scripts in the Customer Portal.
- Click the plus button to create a new startup script.
Paste the following script.
#!/bin/sh useradd -m -s /bin/bash example_user mv /root/.ssh /home/example_user/ chown -R example_user:example_user /home/example_user/.ssh
You can deploy instances with this script and one or more SSH keys. When the instance deploys, the script creates example_user, then moves the public SSH keys from root to example_user. Now you can SSH to the new instance as example_user with the keys you provided.
More Information
For more information about managing SSH keys, see other guides:
- How to Generate SSH Keys
- Deploy a New Instance with an SSH Key
- Connect to an Instance with an SSH Key
- How to Add and Delete SSH Keys
Want to contribute?
You could earn up to $600 by adding new articles
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK