Provisioning a new user on an Ubuntu Machine manually.

user_setup_ubuntu.md

While experimenting with Ubuntu on a variet of systems I often need to stand up a brand new machine and secure access to it. A lot of providers will setup the machine using the root account and email you a password. I'd rather not use the root user and setup RSA Keys. Doing this manually is a bit of a chore but if you don't have any other options here's how to do it.

1 Create User

1. Use adduser to do this quickly.
2. Run adduser <username>.
3. Enter a new password twice, Remember this needed for sudo.

2 Create User SSH Config

This is the section i always forget, I'll usually spend half an hour googling for the chmod settings required.

1. su <username>
2. Create .ssh Folder and authorized keys file

mkdir ~/.ssh
touch ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

1. Add a public key to authorized_keys. This is one line per public key. Check it very carefully. Misspastes or typos can lock you out. ssh-copy-id <username>@<host> can be used from Unix machines. I use windows.

3 Setup SSH Config

1. In /etc/ssh/sshd_config

PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys .ssh/authorized_keys2

Add New User to Sudo Group (Optional)

usermod -a -G sudo <username>

Disable Root Login (Optional)

1. In /etc/ssh/sshd_config

PermitRootLogin no

Disable Password Auth (Optional)

1. In /etc/ssh/sshd_config

PasswordAuthentication no

Further Work

1. Automate this Options:
   • CloudConfig
   • Chef / Puppet
   • Ansible
   • iPXE

References

• https://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/
• https://help.ubuntu.com/community/SSH/OpenSSH/Keys
• https://www.cyberciti.biz/faq/ubuntu-add-user-to-group/