I’m trying to follow the lab ssh hardening and sudo the question is:
Create a user named jim on node01 host and configure password-less ssh access from controlplane host (from user root ) to node01 host (to user jim ).
Here is what I got:
controlplane ~ ✖ ssh node01
root@node01 ~ ➜ useradd jim
root@node01 ~ ➜ passwd jim
root@node01 ~ ➜ exit
controlplane ~ ➜ ssh-copy-id -i ~/.ssh/id_rsa.pub jim@node01
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
jim@node01's password:
Could not chdir to home directory /home/jim: No such file or directory
sh: 1: cd: can't cd to /home/jim
mkdir: cannot create directory '.ssh': Permission denied
How can I give permissions to create the .ssh directory needed? The “solution” for the question does not explain it did not even explain that a password needed to be set.
If I recall correctly, “useradd jim” will do the minimum to create an account for jim; it will not, typically, create a home directory. This explains your error; /home/jim literally does not exist, so you can’t use ssh-copy-id to create the .ssh subdirectory, nor can you you change directories to it.
To have useradd do that in Ubuntu, you need to do something like
useradd -m -s /bin/bash USERNAME
If the user already exists, delete it with userdel, and try again with the -m argument.
Thanks @rob_kodekloud that fix that problem, this lab needs serious update as the “Solution” was the one recommending add the user like that, few questions further there is another task were I’m stuck, it ask to make the user sudo and change the user password, I edit the etc/sudoer file to have the new user as sudo and restart sshd:
I add this line to the file
jim ALL=(ALL:ALL) ALL
I change the password using this command:
passwd jim
Entering the password after
and restart the sshd using the command:
systemctl restart sshd
That last step was just in case, however the lab still failing
Looking at the solution, it actually uses adduser, which is a higher level call, and would create the home directory for you. adduser is the user-creation buffet; useradd is what you use if you want everything a la carte
ssh into node01 host from controlplane host
ssh node01
Create user jim on node01 host
adduser jim (set any password you like)
Return back to controlplane host and copy ssh public key
ssh-copy-id -i ~/.ssh/id_rsa.pub jim@node01
Test ssh access from controlplane host
ssh jim@node01
There are a couple ways to do this one; the one I tried – which worked – was to start at controlplane, and
# set the password
passwd jim
# Now edit the sudoers file. I used visudo and set the editor to vi.
# I then just copied over the line from the solution -- same line as
# you used
EDITOR=vi visudo
# No need to restart sshd; we're already set!
I’m personally better with vi than nano; using visudo is a good idea, since it corrects for common errors people make editing the file. This is better advice than the solution tab, I think.
Thank you @rob_kodekloud, to be honest my mistake were that I was trying to past the password using ctrl+v and in the website I need to use the mouse to do it, because the password did not show I did not realize that until now.
Thanks for your help and explanation anyway, it was very helpful <3
Hello
Could you please tell me What is the command for force edit in vi? I tried all possible vi commands but it looks like there is a permission error.
