Skip to main content

First Steps

Add User

To system

root@balrock:~ # adduser
Username: username
Full name: 
Uid (Leave empty for default): 
Login group [username]: 
Login group is username. Invite username into other groups? []: wheel
Login class [default]: 
Shell (sh csh tcsh bash rbash nologin) [sh]: bash
Home directory [/home/username]: 
Home directory permissions (Leave empty for default): 
Use password-based authentication? [yes]: 
Use an empty password? (yes/no) [no]: 
Use a random password? (yes/no) [no]: 
Enter password: 
Enter password again: 
Lock out the account after creation? [no]: 
Username   : username
Password   : *****
Full Name  : 
Uid        : 1001
Class      : 
Groups     : username wheel
Home       : /home/username
Home Mode  : 
Shell      : /usr/local/bin/bash
Locked     : no
OK? (yes/no) [yes]: 
adduser: INFO: Successfully added (username) to the user database.
Add another user? (yes/no) [no]: 
Goodbye!

User SSH-Key

Copy PC SSH KEY

ssh-copy-id username@server-ip-address

Create SSH-Keypair

ssh-keygen -t rsa -b 4096

Configure SSHD

vim /etc/ssh/sshd_config

# Authentication:

#LoginGraceTime 2m
PermitRootLogin no
StrictModes yes
MaxAuthTries 6
MaxSessions 10

AllowUsers username

PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no

Then delete the line

PasswordAuthentication yes

from the bottom of your /etc/ssh/sshd_config

To Doas

The configuration file for doas is typically located at /usr/local/etc/doas.conf or /etc/doas.conf. You can create or edit this file using a text editor:

sudo vim /usr/local/etc/doas.conf

# Allow user john to execute root commands
permit john
Back to top