Step 1 — Logging in as root
ssh root@your_server_ip
Step 2 — Creating a New User
adduser sammy
Step 3 — Granting Administrative Privileges
usermod -aG sudo sammy
Step 4 — Setting Up a Basic Firewall
ufw app list
ufw allow OpenSSH
ufw status
Step 5 — Enabling External Access for Your Regular User
If the root Account Uses Password Authentication
ssh sammy@your_server_ip
enter password
If the root Account Uses SSH Key Authentication
If you logged in to your root account using SSH keys, then password authentication is disabled for SSH. You will need to add a copy of your local public key to the new user’s ~/.ssh/authorized_keys
file to log in successfully.
Since your public key is already in the root account’s ~/.ssh/authorized_keys
file on the server, we can copy that file and directory structure to our new user account in our existing session.
The simplest way to copy the files with the correct ownership and permissions is with the rsync
command. This will copy the root user’s .ssh
directory, preserve the permissions, and modify the file owners, all in a single command. Make sure to change the highlighted portions of the command below to match your regular user’s name:
Note: The rsync
command treats sources and destinations that end with a trailing slash differently than those without a trailing slash. When using rsync
below, be sure that the source directory (~/.ssh
) does not include a trailing slash (check to make sure you are not using ~/.ssh/
).
If you accidentally add a trailing slash to the command, rsync
will copy the contents of the root account’s ~/.ssh
directory to the sudo
user’s home directory instead of copying the entire ~/.ssh
directory structure. The files will be in the wrong location and SSH will not be able to find and use them.
rsync –archive –chown=sammy:sammy ~/.ssh /home/sammy
ssh sammy@your_server_ip