Skip to content

How To Create An Account with SSH Key

You are here:
Estimated reading time: 2 min

Resources

  • https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-20-04
  • https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-20-04
  • https://www.ssh.com/academy/ssh/putty/windows/puttygen
  • https://putty.org/

Creating a New User

Once you are logged in with an admin privilege account , you’ll be able to add the new user account

This example creates a new user called ‘sammy’, but you should replace that with a different username:

sudo adduser sammy

Granting Administrative Privileges

To add administrative privileges to our new user, we need to add the user to the sudo group. By default, on Ubuntu 20.04, users who are members of the sudo group are allowed to use the sudo command.

As a use with admin privilege, run this command to add your new user to the sudo group (substitute ‘sammy’ with your new user’s name):

sudo usermod -aG sudo sammy

Creating the SSH Key Pair

You can use PuttyGen to generate a SSH key pair

  • Download and install PuttyGen
  • Go to Windows Start menu → All Programs → PuTTY → PuTTYgen.
  • Creating a new key pair for authentication

Enabling Password Authentication on Server

Before you can upload the public key to the web server, you would need to enable first the password authentication on the server

Open up the SSH daemon’s configuration file:

sudo nano /etc/ssh/sshd_config

Inside the file, search for a directive called PasswordAuthentication, and set the value to yes. This will enable your ability to log in via SSH using account passwords:

PasswordAuthentication yes

Save and close the file when you are finished by pressing CTRL+X, then Y to confirm saving the file, and finally ENTER to exit nano. To actually activate these changes, we need to restart the sshd service:

sudo systemctl restart ssh

Uploading the Public Key into the New User

After enabling to SSH using account password, login the new user via SSH.

ssh username@remote_host

Copying the Public Key Manually

Open your SSH key pair with the PuttyGen, and copy your public key.

In your home directory on the server, make sure the ‘~/.ssh’ directory exists. This command will create the directory if necessary, or do nothing if it already exists:

mkdir -p ~/.ssh

Now, you can create or modify the authorized_keys file within this directory. You can paste the Public key you’ve copied to the end of the authorized_keys file, creating it if necessary, using this command:

sudo echo public_key_string >> ~/.ssh/authorized_keys

In the above command, substitute the public_key_string with the Public key you copied from the PuttyGen. It should start with ssh-rsa AAAA….

Finally, we’ll ensure that the ~/.ssh directory and authorized_keys file have the appropriate permissions set:

sudo chmod -R go= ~/.ssh

It’s also important that the ~/.ssh directory belongs to the user

sudo chown -R sammy:sammy ~/.ssh

Substitue ‘sammy’ to the user name you created

We can now attempt passwordless authentication with our Ubuntu server using the SSH key you created. You can use Putty to SSH with the key

Disabling Password Authentication on Server

For security purposes, you should switch back and disable again the password authentication on the server

Open up the SSH daemon’s configuration file:

sudo nano /etc/ssh/sshd_config

Inside the file, search for a directive called PasswordAuthentication, and set the value to no:

PasswordAuthentication no

Save and close the file when you are finished by pressing CTRL+X, then Y to confirm saving the file, and finally ENTER to exit nano. To actually activate these changes, we need to restart again the sshd service:

sudo systemctl restart ssh

Was this article helpful?
Dislike 0
Views: 20
Back To Top