# First Steps

# Add User
## To system

```sh
root@balrock:~ # adduser
Username: username
Full name: 
Uid (Leave empty for default): 
Login group [username]: 
Login group is username. Invite username into other groups? []: wheel
Login class [default]: 
Shell (sh csh tcsh bash rbash nologin) [sh]: bash
Home directory [/home/username]: 
Home directory permissions (Leave empty for default): 
Use password-based authentication? [yes]: 
Use an empty password? (yes/no) [no]: 
Use a random password? (yes/no) [no]: 
Enter password: 
Enter password again: 
Lock out the account after creation? [no]: 
Username   : username
Password   : *****
Full Name  : 
Uid        : 1001
Class      : 
Groups     : username wheel
Home       : /home/username
Home Mode  : 
Shell      : /usr/local/bin/bash
Locked     : no
OK? (yes/no) [yes]: 
adduser: INFO: Successfully added (username) to the user database.
Add another user? (yes/no) [no]: 
Goodbye!
```

## User SSH-Key
Copy PC SSH KEY
```sh
ssh-copy-id username@server-ip-address
```
Create SSH-Keypair
```sh
ssh-keygen -t rsa -b 4096
```

## Configure SSHD

```sh
vim /etc/ssh/sshd_config
```

```bash
# Authentication:

#LoginGraceTime 2m
PermitRootLogin no
StrictModes yes
MaxAuthTries 6
MaxSessions 10

AllowUsers username

PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
```

Then delete the line 

```sh
PasswordAuthentication yes
```

from the bottom of your  `/etc/ssh/sshd_config`

## To Doas

The configuration file for `doas` is typically located at `/usr/local/etc/doas.conf` or `/etc/doas.conf`. You can create or edit this file using a text editor:

```sh
sudo vim /usr/local/etc/doas.conf
```

```plaintext
# Allow user john to execute root commands
permit john
```