To create a new user with sudo privileges and enable SSH access on an Ubuntu system after creating a new droplet, follow these steps:
-
Log in to the Droplet: Use SSH to log in to the droplet as the
root
user.ssh root@your_droplet_ip
-
Create a New User: Replace
username
with the desired username.adduser username
-
Grant Sudo Privileges: Add the new user to the
sudo
group.usermod -aG sudo username
-
Set Up SSH for the New User:
a. Switch to the new user account.
```bash su - username ```
b. Create a
.ssh
directory.```bash mkdir ~/.ssh chmod 700 ~/.ssh ```
c. On your local machine, generate an SSH key pair if you haven't already.
```bash ssh-keygen ```
d. Copy the public key to the server. Replace
local_machine
with your local machine's IP andusername
with your new user's name.```bash ssh-copy-id username@local_machine ```
e. Alternatively, you can manually paste your SSH public key into the new user's
~/.ssh/authorized_keys
file.```bash nano ~/.ssh/authorized_keys # Paste the SSH public key here chmod 600 ~/.ssh/authorized_keys ```
-
Test the SSH Connection: Log out from the droplet and try logging in with the new user.
ssh username@your_droplet_ip
-
(Optional) Disable Root SSH Login: For security, you might want to disable SSH login for the root user. Edit the SSH configuration file:
sudo nano /etc/ssh/sshd_config
Find the line
PermitRootLogin yes
and change it toPermitRootLogin no
. Restart the SSH service:sudo systemctl restart sshd
To remove the requirement for a password when running sudo
commands for a specific user, you need to edit the sudoers
file. This file controls the sudo
privileges. Here's how to do it:
-
Edit the sudoers file: Use the
visudo
command to safely edit thesudoers
file. It's important to usevisudo
because it checks for syntax errors before saving, which can prevent lockouts.sudo visudo
-
Add a No-Password Entry: In the
visudo
editor, add the following line at the end of the file, replacingusername
with your user's name. This line specifies that your user can runsudo
commands without entering a password.username ALL=(ALL) NOPASSWD: ALL
-
Save and Exit: Save the file and exit. In most cases, this is done by pressing
Ctrl + X
, thenY
, andEnter
if you are using the Nano editor. -
Test the Change: Test the new configuration by running a
sudo
command with the user. It should not prompt for a password.sudo [some command]
Be cautious with this setting, as it increases security risks. Ensure that this user is secure and that you understand the implications of allowing passwordless sudo
access.