memandip · December 8, 2021 20:24
diff --git a/add-deploy-user b/add-deploy-user
 - ssh root@<ubuntu-server-ip-address>
 To start with, connect to your Ubuntu Server with SSH with root
    `ssh root@<ubuntu-server-ip-address>`
 
 Once you are logged in to your server with root, 
 you are ready to create the new deploy user that will be used from now on. To do that, type:
 ` adduser deploy `

 Update deploy user privileges, by:
    `usermod -aG sudo deploy`
    
 Switch to the new user account
 su - newuser

 Create .ssh folder in home directory
 mkdir ~/.ssh

 Create authorized_keys file in side the .ssh folder and add the public key
 vim ~/.ssh/authorized_keys
 And paste your SSH public key here, save and close file

 From now on, deploy has superuser privileges and is part of the sudoers. 
 Now, let’s add public key authentication for deploy user.

 Copy your public key to remote server
    `ssh-copy-id deploy@<ubuntu-server-ip-address>`

 Test the configuration by:
    `ssh deploy@<ubuntu-server-ip-address>`
    
 
 Success, you can see that you are connected to your Ubuntu server authenticating with your public SSH key only. 
 Next step is to disable password authentication. To do that, run on the server the following:
    `nano /etc/ssh/sshd_config`
 Find the line that specifies PasswordAuthentication, if it is commented out, uncomment it, 
 by removing the # in the beginning of the line. Change the value from yes to no. 
 It should look like this after your changes:   
    ```
        # To disable tunneled clear text passwords, change to no here!
        PasswordAuthentication no
        #PermitEmptyPasswords no
      ```

 Make sure also that PubkeyAuthentication is uncommented and its value is set to yes
 `PubkeyAuthentication yes`


 One final step is to disable password prompt for deploy user when using the sudo command. 
 In order to do that, on your Ubuntu server, type:
    `sudo visudo`
     ```
        # Deploy
        deploy ALL=(ALL) NOPASSWD:ALL
      ```
      
 Finally, lets try the configuration. Logout from the Ubuntu server by:
    `deploy@testserver:~$ exit`

 And connect with ssh:
    `$ ssh deploy@<ubuntu-server-ip-address>`
	- ssh root@<ubuntu-server-ip-address>
	To start with, connect to your Ubuntu Server with SSH with root
	`ssh root@<ubuntu-server-ip-address>`

	Once you are logged in to your server with root,
	you are ready to create the new deploy user that will be used from now on. To do that, type:
	` adduser deploy `

	Update deploy user privileges, by:
	`usermod -aG sudo deploy`

	Switch to the new user account
	su - newuser

	Create .ssh folder in home directory
	mkdir ~/.ssh

	Create authorized_keys file in side the .ssh folder and add the public key
	vim ~/.ssh/authorized_keys
	And paste your SSH public key here, save and close file

	From now on, deploy has superuser privileges and is part of the sudoers.
	Now, let’s add public key authentication for deploy user.

	Copy your public key to remote server
	`ssh-copy-id deploy@<ubuntu-server-ip-address>`

	Test the configuration by:
	`ssh deploy@<ubuntu-server-ip-address>`


	Success, you can see that you are connected to your Ubuntu server authenticating with your public SSH key only.
	Next step is to disable password authentication. To do that, run on the server the following:
	`nano /etc/ssh/sshd_config`
	Find the line that specifies PasswordAuthentication, if it is commented out, uncomment it,
	by removing the # in the beginning of the line. Change the value from yes to no.
	It should look like this after your changes:
	```
	# To disable tunneled clear text passwords, change to no here!
	PasswordAuthentication no
	#PermitEmptyPasswords no
	```

	Make sure also that PubkeyAuthentication is uncommented and its value is set to yes
	`PubkeyAuthentication yes`


	One final step is to disable password prompt for deploy user when using the sudo command.
	In order to do that, on your Ubuntu server, type:
	`sudo visudo`
	```
	# Deploy
	deploy ALL=(ALL) NOPASSWD:ALL
	```

	Finally, lets try the configuration. Logout from the Ubuntu server by:
	`deploy@testserver:~$ exit`

	And connect with ssh:
	`$ ssh deploy@<ubuntu-server-ip-address>`