模板:USJ Customize NewUser

来自Ubuntu中文
Oneleaf留言 | 贡献2010年6月25日 (五) 10:24的版本 (以内容'== Adding new SSH users == *Add a new user and change the password for that user ('''optional'''): sudo useradd -m ''myownuserID'' sudo passwd ''myownuserpw'' :Login usi…'创建新页面)
(差异) ←上一版本 | 最后版本 (差异) | 下一版本→ (差异)
跳到导航跳到搜索

Adding new SSH users

  • Add a new user and change the password for that user (optional):
sudo useradd -m myownuserID
sudo passwd myownuserpw
Login using the new user ID to complete the installation.
  • Create an SSH keypair for automated login by the new user:
  • Generate a key pair (by default, a 2048-bit RSA key pair is created):
ssh-keygen
  • Accept the default location for the key file ( /home/myownuserID/.ssh/id_rsa ).
  • Leave the passphrase empty
Make sure that a file named authorized_keys (with write privileges) is in the /home/myownuserID/.ssh folder. If not, create such a file (using the "touch" command to create an empty file) after logging into the server as myownuserID:
cd ~/.ssh
touch authorized_keys
Alternatively, you can copy the original authorized_keys file from the /etc/jauntyadmin00/.ssh folder (as long as it has been revised and is not the original insecure authorized_keys file distributed with the system). This is useful if you wish to keep both the jauntyadmin00 and myownuserID users.
sudo cp /home/jauntyadmin00/.ssh/authorized_keys /home/myownuserID/.ssh/authorized_keys
sudo chown -R myownuserID /home/myownuserID
Concatenate the newly-generated id_rsa.pub key to the authorized_keys file:
cd ~/.ssh
cat authorized_keys id_rsa.pub >> authorized_keys

Inactivate old users

  • Inactivate old users (this is easiest from the GUI desktop once installation has been completed):
Menu -> System -> User Manager -> highlight userID -> Account disabled (ticked)
If you merely wish to exclude a user from appearing on the Login screen:
Menu -> System -> System Settings -> Advanced -> Login Manager -> Users -> tick the users to exclude from the Login screen

Change hostname (optional)

  • Hostname: Jaunty32Server00
  • Discover the current hostname and the Fully Qualified Domain Name:
hostname
hostname --fqdn
  • I don't recommend changing the hostname, but it can be changed by editing the /etc/hostname file and the /etc/hosts file
sudo gedit /etc/hostname
sudo gedit /etc/hosts

It is not necessary for security reasons to change your hostname, and it is not recommended especially if you have already been using the system for a while (as the hostname can be used in several configuration files other than the two noted).