How to create another user on my Centos 7 with sudo privileges?

I used the following steps to create my first user on my Centos 7 VPS:

adduser firstuser

passwd firstuser

visudo
and added this:
## Allow lupocatttivo to run any commands anywhere
firstuser        ALL=(ALL)       ALL

after restarting my putty I logged in as firstuser

then:
ssh firstuser@192.168.100.100

ssh-keygen  (clicked enter a few times)

scp ~/.ssh/id_rsa.pub firstuser@192.168.100.100:

mv id_rsa.pub .ssh/authorized_keys

chown -R firstuser:firstuser.ssh

chmod 700 .ssh

touch ~/.ssh/authorized_keys; chmod 700 ~/.ssh

nano ~/.ssh/authorized_keys

Inside I pasted my public key generated using PuttyGen

After setting the private key in putty I logged using the private key

then:
sudo nano /etc/ssh/sshd_config

Set the following values:
PasswordAuthentication no
PermitRootLogin no
Port 22000

then:
sudo systemctl restart sshd

I can login without enternig password and using private key for this user without any problems and the user has sudo level access.

Open in new window



Now I need to create two more users with the same level of access but I don't know which steps to repeat from above and which to modify. Of course each new user will have a different private/public key. I have not repeated all of the above steps in the fear of overriding my only system user or of deleting the public key I already saved, thus blocking me access to my own VPS.

Please assist as I am new to Centos 7.
badwolfffAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Zephyr ICTCloud ArchitectCommented:
Just add sudo before all commands like so:

sudo adduser <name-of-user>

Open in new window


sudo gpasswd -a <name-of-user> wheel

Open in new window


This will add the user to the wheel group granting this user sudo rights.

Remember, you can learn more about programs/tools by using "man"

Example:

man adduser

Open in new window

man sudo

Open in new window

0
badwolfffAuthor Commented:
Hi,

I think you missed my point. In any case I followd your steps (which I was already trying before I wrote here) and of course it did not work:

I did

sudo adduser doggo
sudo passwrd doggo
(set a password)

then
sudo gpasswd -a doggo wheel

Opened another session of putty and tried to login, not as firstuser, but as doggo.

login as: doggo
Server refused our key

You see what I mean?
0
Zephyr ICTCloud ArchitectCommented:
Ah, ok ... That makes more sense now, sorry about that ...

You could normally copy the key to all users or use a separate key for each user, so for each user there should be a .ssh folder in the user's home folder containing the authorized_keys file.

To create a key it doesn't matter under which user you make it really, just type following:

ssh-keygen -t rsa

Open in new window


Now you can copy the keys to the home folder of the new user and prepare them in the .ssh folder like you did for the first user (hope that makes sense)

Just make sure you set the user rights correctly for the second user on the .ssh folder and the files below it... for example:

sudo chown -r doggo:doggo /home/doggo/.ssh 

Open in new window


Set the owner to the user if that isn't done yet

sudo chmod 700 /home/doggo/.ssh

Open in new window


Does that make sense?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

badwolfffAuthor Commented:
Hi,
thanks for the message.

That ssh-keygen -t rsa command - is it safe?
I mean I hope it does not overwrite any existing settings.

Also I already generated a public and a private key using puttygen. Do I need to run this command anyway?
0
Zephyr ICTCloud ArchitectCommented:
Well that command just generates a new key, it doesn't overwrite anything so it's safe yes.

But you can also use the one you generated using puttygen, no problem, you don't need to run the ssh-keygen command then.
0
badwolfffAuthor Commented:
Hi,

I get this:

firstuser@octane [~]# sudo chown -R doggo:doggo /home/doggo/.ssh
chown: cannot access ‘/home/doggo/.ssh’: No such file or directory

thanks
0
Zephyr ICTCloud ArchitectCommented:
It's because the folder doesn't exist probably...

Create the folder first with:

sudo mkdir /home/doggo/.ssh

Then try the chmod command again
0
badwolfffAuthor Commented:
Hi,

did that and followed the procedure you suggested to the end.

But when I open a new session and try to login I still get:

login as: doggo
Server refused our key



Notes:

firstuser@octane [~]# sudo lid -g wheel
firstuser(uid=1000)
doggo(uid=32014)

I even did
"sudo visudo"

and added the new user as:
doggo        ALL=(ALL)       ALL
0
Zephyr ICTCloud ArchitectCommented:
This means that somehow you're not using the correct key or maybe permissions aren't set correctly.

Did you create a new key for the doggo user? If you did make sure you use the correct key to connect to the server, sometimes the names of the keys are the same and you might mix them up.
0
badwolfffAuthor Commented:
Hi,

I fixed it.

Insted of:
sudo mkdir /home/doggo/.ssh

I did this:
sudo cp -r ~/.ssh/ /home/doggo/

and the rest of what you suggested was fine :)

The problem was that your suggestion was making an empty .ssh dir but the .ssh dir also needed the authorized_keys
id_rsa
id_rsa.pub
know_hosts

files which were not being autogenerated.

thanks for the help
0
Zephyr ICTCloud ArchitectCommented:
Yes, I was under the impression you were going to create a separate key, sorry about the misunderstanding ... Your solution of copying the .ssh folder is correct ...

No problem and thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSH / Telnet Software

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.