How to Give SSH Access in Linux (Step-by-Step Guide)

Introduction to SSH

SSH (Secure Shell) is a protocol that allows secure remote access to Linux servers over an encrypted connection. It is widely used for managing servers, transferring files, and executing commands remotely.

Understanding SSH Keys: Public and Private Keys

SSH uses a cryptographic key pair for authentication:

  • Private Key: Stored securely on the client machine.

  • Public Key: Placed on the remote server in the user's authorized_keys file.

How to Generate SSH Key Pair

To generate an SSH key pair, run the following command on your local machine:

ssh-keygen

After running the command, you will get two files:

  • ~/.ssh/id_rsa (Private Key)

  • ~/.ssh/id_rsa.pub (Public Key)

The public key (id_rsa.pub) should be added to the remote server to enable secure authentication.

1. Adding SSH Access for an Existing User

If the user account already exists, follow these steps (replace username with the existing username and <public_key> with the full contents of the user's public key file):

sudo mkdir -p /home/username/.ssh   # Create the .ssh directory if it does not exist
sudo grep -qxF "<public_key>" /home/username/.ssh/authorized_keys 2>/dev/null || echo "<public_key>" | sudo tee -a /home/username/.ssh/authorized_keys > /dev/null  # Append the key only if it is not already present
sudo chown -R username:username /home/username/.ssh  # Set correct ownership (a file created through sudo tee belongs to root)
sudo chmod 700 /home/username/.ssh  # Secure the .ssh directory
sudo chmod 600 /home/username/.ssh/authorized_keys  # Secure the authorized_keys file

Explanation of Commands:

  1. mkdir -p: Creates the SSH directory if it does not exist.

  2. grep: Checks if the public key already exists in the authorized_keys file.

  3. tee -a: Appends the public key to the authorized_keys file when grep did not find it.

  4. chown -R: Assigns ownership of the directory and the authorized_keys file to the user.

  5. chmod 700: Restricts access to the .ssh directory (only the user can access it).

  6. chmod 600: Ensures only the user can read and write the authorized_keys file.

2. Adding a New User with SSH Access

If the user does not exist, create a new user and grant SSH access (replace <new_username> with the new username and <public_key> with the full contents of the user's public key file):

sudo useradd -m <new_username>  # Create a new user with a home directory
sudo mkdir -p /home/<new_username>/.ssh  # Create SSH directory
echo "<public_key>" | sudo tee -a /home/<new_username>/.ssh/authorized_keys > /dev/null  # Add the public key
sudo chown -R <new_username>:<new_username> /home/<new_username>/.ssh  # Set correct ownership
sudo chmod 700 /home/<new_username>/.ssh  # Secure the .ssh directory
sudo chmod 600 /home/<new_username>/.ssh/authorized_keys  # Secure the authorized_keys file

Explanation of Commands:

  1. useradd -m: Creates a new user with a home directory.

  2. mkdir -p: Ensures the .ssh directory exists.

  3. tee -a: Appends the public key to the authorized_keys file.

  4. chown -R: Recursively sets correct ownership.

  5. chmod 700 & 600: Ensures proper security permissions.

Testing SSH Access

Once you've added the public key, test the SSH connection from your local machine:

ssh -i <private_key> <new_username>@<server_ip>

If everything is set up correctly, you should log in without entering a password.
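To confirm on the server that the chown and chmod steps took effect, the following added example (not part of the original article) checks that the .ssh directory is mode 700, authorized_keys is mode 600, and both belong to the user. The names audit_ssh_dir and _audit_path are hypothetical, and stat -c assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: audit the ownership and modes set in the steps above.
# audit_ssh_dir and _audit_path are hypothetical helper names.
# `stat -c` assumes GNU coreutils (standard on most Linux distributions).

# _audit_path PATH WANT_MODE WANT_OWNER
# Prints one FAIL line per mismatch; returns 1 if anything is wrong.
_audit_path() {
    if [ -L "$1" ] || [ ! -e "$1" ]; then
        echo "FAIL $1: missing or a symlink"
        return 1
    fi
    _mode=$(stat -c '%a' "$1")    # octal permission bits, e.g. 700
    _owner=$(stat -c '%U' "$1")   # owning user name
    _rc=0
    if [ "$_mode" != "$2" ]; then
        echo "FAIL $1: mode $_mode, expected $2"
        _rc=1
    fi
    if [ "$_owner" != "$3" ]; then
        # Typical cause: the file was created with sudo tee and never chown'ed.
        echo "FAIL $1: owner $_owner, expected $3"
        _rc=1
    fi
    return "$_rc"
}

# audit_ssh_dir SSH_DIR USERNAME
# Returns 0 only if the directory and authorized_keys both pass.
audit_ssh_dir() {
    _failed=0
    _audit_path "$1" 700 "$2" || _failed=1
    _audit_path "$1/authorized_keys" 600 "$2" || _failed=1
    if [ "$_failed" -eq 0 ]; then
        echo "OK $1"
    fi
    return "$_failed"
}

# Run as: sudo sh audit.sh /home/username/.ssh username
# (sudo is needed to look inside another user's 700 directory)
if [ "$#" -eq 2 ]; then
    audit_ssh_dir "$1" "$2"
fi
```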

Written by

Sannidhya Srivastava