Users (II)

Note: The user that installed the operating system is <adminuser>, and it can turn into root.

Create administrator users

_$: addgroup admingroup
_$: for user in <admin 1> <admin 2>
do
    adduser $user
    usermod $user -aG admingroup
done

_$: visudo
...
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
%admingroup ALL=(ALL) ALL

/etc/ssh/sshd_config:
---------------------
...
# Authentication:
LoginGraceTime 120
PermitRootLogin no      <===
StrictModes yes

Other users

For every web application that we deploy to this server we will create a user and a group with its name.

After that, we will also create an SSH key for that user and copy it to the devops server.

Example: Create user and group for project webapp

(root@web)_$: adduser  webapp
(root@web)_$: addgroup webapp
(root@web)_$: su - webapp
(webapp@web)_$: ssh-keygen -b 4096
(webapp@web)_$: ssh-copy-id -i .ssh/id_rsa.pub gitwebpage@devops1.tnfxhosting.com

Create administrator users

Disable login as root

Other users

Example: Create user and group for project webapp