l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 20: Web Application Hacking: How to Make and Break Security on the Web
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2002 Nov 14 14:56

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] SSH Login
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] SSH Login



On Thursday, November 14, 2002, at 05:12  AM, karthikeyan wrote:

> Hi,
>
>   Thanks for your kind reply.  I m sure users created through
>
>   $ useradd <username>
>
>   are not able to do an ssh except for root.

Then you need to adjust your config file (possibly in 
/etc/ssh/ssh_config).

You must have a line in there something like:

   DenyUsers *

sometime after that point, add a line like:

   AllowUsers karthik karthfriend

>
>   Oh you suggest me not to log in as root but how do I create another 
> user
> who has
>
>   + equivalent privileges as root i.e [karthik] and

You cannot, and don't want to, give your username equivalent privileges 
to root: you need only to give it the ability to temporarily *acquire* 
equivalent privileges to root. When you need to be root for a little 
while, type

   $ su

or possibly

   $ su -

and you will be root (you should also look into the `sudo' command.) 
Exit from the shell when you are done needing your root powers, and you 
will be back to joe blow user. This practice can save you a lot of 
frustration when you accidentally abuse the `rm' command or somesuch...

For the new user, s/he will by default have no real control over his/her 
environment save for the new home directory and mailbox. To add 
privileges, add him/her to the appropriate group with permissions for 
whatever s/he should be able to do.

>   + one more user who has less power than  [karthik] but just enough to
> install small small modules.
>
>   My friend is running an hosting business and he has some 100 users but
> they cant do ssh login for sure and those user were created through 
> these
> simple commands only.
>
>  $ useradd <username>
>  $ passwd <username>
>  $ chown -R <username> <user home directory>
>  $ chgrp -R <username> <user home directory>
>  $ chmod 755 <user home directory>
>
>   Any comments on this please
>
> karthikeyan.
>
>  ----- Original Message -----
> From: "Micah Cowan" <micah@cowan.name>
> To: <vox@lists.lugod.org>
> Sent: Thursday, November 14, 2002 2:14 PM
> Subject: Re: [vox] SSH Login
>
>
>>
>> Nobody, not even you, should be logging in as root unless you have a
>> very good reason to. Most of the time, you should access your site 
>> using
>> a less privileged account, and su or sudo to root as necessary.
>>
>> If your SSH server is set up to allow password-based access (quite
>> common, and  in the default configuration I believe), your friend 
>> should
>> be able to login via ssh using his/her username and password, after
>> you've created them with useradd and passwd. Otherwise, generate 
>> his/her
>> keypair with ssh-keygen according to the SSH documentation, and hand
>> your friend the secret key when you see him/her next.
>>
>> HTH,
>> Micah
>>
>> On Thursday, November 14, 2002, at 12:12  AM, karthikeyan wrote:
>>
>>> Hi All,
>>>
>>> I m new to this admin stuff. I have an SSH root login access to my
>>> friends server at florida. My question would be how to create a login
>>> less
>>> powerfull then [root] so that i can share with a person who is trying 
>>> to
>>> build a Control Panel for our Hosting Site. I know how to create user
>>> using
>>> [useradd <user name>].
>>>
>>> Environment : Redhat 7.3
>>>
>>> Looking forward for earliest response.
>>>
>>> karthikeyan.
>>
>> _______________________________________________
>> vox mailing list
>> vox@lists.lugod.org
>> http://lists.lugod.org/mailman/listinfo/vox
>>
>
>
> _______________________________________________
> vox mailing list
> vox@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox
>

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.