Managing Users, Access, and Remote Servers on Linux: A Complete Overview

Access Management

Access Levels

  • There are 3 types of user.

    • Owner

    • Group user

    • Public user

  • The ll command gives a long listing, which shows the access mode of each file (on many distributions ll is a shell alias for ls -l).

  • Run chmod <Access_Level> <File/Directory_Name> to change the access mode of a file or directory.

    • e.g., chmod 400 <File/Directory_Name> gives the owner read-only access and no access to the group and public users. To work out the access level, refer to this link: https://chmod-calculator.com/

User Management

  • Tasks in User Management

    • Create New Linux User

    • Delete the Linux User

    • Set the access levels for the user:

      • User Authentication: Who can access?

      • User Authorization: What can be accessed?

Create New Linux User

  • Run the below command as a root user

    • useradd <username> -s /bin/bash -m -d /home/<username> - Only for Ubuntu machines

    • useradd <username> - For Non-Ubuntu Machines

  • Run su - <username> to log in as that user.

  • Run cat /etc/passwd to get the list of Linux users.

  • Run cat /etc/group to get the list of Linux User Groups

New user's authentication through password

  • Run the command passwd <username> to create or reset a user's password.

    • Run this command as the root user to create or reset a password.

    • Run this command as the user to reset only that user's own password.

  • Run passwd -d <username> to remove the password protection. This leaves the account with an empty password.

    • Run this command as a root user

New user's authentication through SSH keys

  • Key Pair: Public Key and Private Key

  • Add the user by running the command useradd <username> -s /bin/bash -m -d /home/<username>.

  • Log in as the user by running the command su - <username>.

  • Run the command ssh-keygen -t ecdsa -b 521.

  • Navigate to the .ssh directory by running the command cd .ssh

    • Run the command ls -a

      • You should see the following two files:

        • id_ecdsa - private key

        • id_ecdsa.pub - public key

  • Run the command cat id_ecdsa.pub > authorized_keys to copy the public key into a file named authorized_keys. Note that > overwrites any existing authorized_keys file.

    • authorized_keys

      • It is a copy of the public key.

      • At login, the private key presented by the client is always checked against the public keys in authorized_keys.

  • Run the command chmod 600 /home/user2/.ssh/* to change the access level of all files in the .ssh directory so that only the owner can read and write them.

Remote Server Handling

Remote Server Access

  • AWS Cloud :

    • VM1 (Server)

    • VM2 (Client)

  1. Establish Connection to Remote Server

  2. Login to the Remote Server

  3. Copy the Files from one server to another server using SCP

  4. Manage the Remote Server - Install any package/Uninstall/Upgrade - Will be done using Ansible

Pre-requisites for Remote Server

  • Launch 2 VMs (VM1-Source & VM2-Target)

  • Ensure that Port 22 is enabled

  • Create User in both the VMs

  • Create an SSH key on one server (VM1)

  • Use the public key as the authorized_keys entry on the client machine (VM2)

  • Establish an SSH connection and log in to VM2 (Client_Machine)

  • Copy files from VM1 to VM2 (Client_Machine)

Steps to connect remote server

  • Log in to VM1 and create a user.

  • On Client_Machine (VM2)

    • Run the command useradd clientuser -s /bin/bash -m -d /home/clientuser

    • Run the command su - clientuser to log in as the client user

    • Create the .ssh directory by running the command mkdir .ssh

    • Navigate to the .ssh directory by running the command cd .ssh

    • Run the command vi authorized_keys

      • Paste the contents of id_ecdsa.pub of the user2 user on the server machine into the authorized_keys file on the client machine

    • Run the command chmod 600 /home/clientuser/.ssh/* to change the access level of all files in the .ssh directory so that only the owner can read and write them

    • From the server VM, as the user2 user, run the command ssh clientuser@10.0.18.161

    • Copy files from VM1 to VM2 (Client_Machine)

      • Run the command scp /home/user2/file.txt clientuser@10.0.18.161:/home/clientuser
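The chmod 600 and authorized_keys steps in both key setup procedures above (user2 on VM1, clientuser on VM2) can be verified with a small audit script. This is an added example, not part of the original page: it assumes GNU stat, the function names too_open and audit_ssh_dir are hypothetical, the key material is constructed placeholder text, and the 700 check on the .ssh directory itself goes beyond the page's chmod 600 step.

```sh
#!/bin/sh
# Added example (not from the original page). Assumes GNU coreutils `stat`.
# audit_ssh_dir DIR: prints one finding per line; returns 0 if clean, 1 otherwise.

# True when group or others hold any permission bit on the path.
# A path that cannot be stat'ed is also reported, so it is never silently skipped.
too_open() {
    mode=$(stat -c '%a' "$1") || return 0
    [ $(( 0$mode & 077 )) -ne 0 ]
}

audit_ssh_dir() {
    dir=$1
    bad=0
    if too_open "$dir"; then
        echo "DIR_TOO_OPEN $dir (fix: chmod 700)"; bad=1
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if too_open "$f"; then
            echo "FILE_TOO_OPEN $f (fix: chmod 600)"; bad=1
        fi
    done
    # Each public key in DIR should be listed in authorized_keys.
    # Only the key type and base64 fields are compared; the comment may differ.
    for pub in "$dir"/*.pub; do
        [ -f "$pub" ] || continue
        key=$(cut -d' ' -f1,2 "$pub")
        if ! grep -qF -- "$key" "$dir/authorized_keys" 2>/dev/null; then
            echo "KEY_NOT_AUTHORIZED $pub"; bad=1
        fi
    done
    return "$bad"
}

# Constructed demo: a throwaway directory with placeholder key material.
demo=$(mktemp -d)
mkdir "$demo/.ssh"
echo "PLACEHOLDER-PRIVATE-KEY" > "$demo/.ssh/id_ecdsa"
echo "ecdsa-sha2-nistp521 AAAAPLACEHOLDER user2@vm1" > "$demo/.ssh/id_ecdsa.pub"
cat "$demo/.ssh/id_ecdsa.pub" > "$demo/.ssh/authorized_keys"
chmod 755 "$demo/.ssh"; chmod 644 "$demo/.ssh"/*
audit_ssh_dir "$demo/.ssh" || true    # reports the directory and all three files
chmod 700 "$demo/.ssh"; chmod 600 "$demo/.ssh"/*
audit_ssh_dir "$demo/.ssh" && echo "clean"
rm -rf "$demo"
```

To check a real account, call audit_ssh_dir /home/clientuser/.ssh as that user or as root after the chmod step.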