Quick guide configuring SSH access and sudo for new linux user on CentOS server

Create group for your user

Add user to group

Change user’s password

Now let’s make this user sudoer. Create a new file /etc/sudoers.d/my_sudoers

To configure specific user

To configure group you have to put % at the beginning

Now the user can become sudo, but you cannot log into the user via SSH. Let’s fix that. To file /etc/ssh/sshd_config, add SSH connection access for the user or whole group we created.
For specific user:

For whole group:

In addition, if you want to be able to autheticate as the user using user’s password, we need to setup:

The ChallengeResponseAuthentication yes is enough to be able to login via password. Difference between these two options is that PasswordAuthentication provides option to pass password as parameter to server in plaintext, whereas the ChallengeResponseAuthentication enables option of interactive password input after the client tunelled secure connection to server. So you better don’t enable PasswordAuthentication unless you have very good reason doing so.
Now restart sshd service and you are done.

You might however want to also private key based authentication. We can generate keys locally and upload to server like

Which generates public key my-key.pub, private key my-key
Copy public key to /home/your_user/.ssh/rsa_id, easily using

And test it

If you are using multiple RSA keys across different servers and you don’t always want to be bother explicitely specifying which one should be used, use ssh-add my-key. Now connecting to server got a whole level simpler, just

and you are in!

Leave a Reply

Your email address will not be published. Required fields are marked *