Can someone advise on how to create a user to access via SSH keys only?

I’ve been Googling on this for hours but I couldn’t find a solution that worked. This is what I want to do: set up GitHub Actions so that I can build the CD into my pipeline. From my understanding, I want to do this:

Create a new user sshuser123, then allow that user to log in via SSH without any passwords. However, only allow that user to SSH to their own folder home/sshuser123.

Here are the things that I’ve done so far,

  1. Generate SSH keys and update. Move the public ssh keys to /$USERHOME/.ssh/authorized_keys
  2. Create new user through Webmin -> Users and Groups. I have assigned user to users group, should this change?
  3. Assign permissions to .ssh using this link: Where do I put my SSH public key for a user in a virtual server?
  4. I tried to log in but I get the error: Connection closed with status: Username/PublicKey combination invalid of server_ip


Can someone please help me out?

Why? Don’t grant permissions you don’t understand. But it shouldn’t make authentication not work.

Where did you get this error? I don’t seem to recall seeing that error from sshd, is it from your client-side? Look in the server logs. I don’t recall which specific log this would be in. In the past it’d be /var/log/secure but I think it’s now just part of the journal, maybe.

But, it seems like it’s saying your username and/or key are wrong. Maybe, but that error isn’t clear English and doesn’t make sense to me.

Thanks for replying.

Why? Don’t grant permissions you don’t understand. But it shouldn’t make authentication not work.

I’m confused, so why not? The user created should not be assigned to any group?

Where did you get this error? I don’t seem to recall seeing that error from sshd, is it from your client-side? Look in the server logs. I don’t recall which specific log this would be in. In the past it’d be /var/log/secure but I think it’s now just part of the journal, maybe.

But, it seems like it’s saying your username and/or key are wrong. Maybe, but that error isn’t clear English and doesn’t make sense to me.

That was the error from my Terminal client, but what it is saying is basically access denied. Similar to Permission denied (publickey).

In your experience, how should I handle the task of creating a new user specifically for SSH access only?

I’m no expert but for new users and SSH keys I refer to these DigitalOcean tutorials, perhaps they will help in your situation:

https://www.digitalocean.com/community/tutorials/initial-server-setup-with-centos-7

https://www.digitalocean.com/community/tutorials/how-to-create-ssh-keys-with-putty-to-connect-to-a-vps


The usual choice on Linux systems is to create a new group named for the user (sometimes called User Private Groups) and to use secondary groups for any additional group membership. It’s been the norm for so long nobody even talks about it anymore. Here’s an old doc about it: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/4/html/reference_guide/s1-users-groups-private-groups

It being for ssh access only is orthogonal to the problem of you not being able to log in. Solve the login problem, then worry about access.

I don’t know what to tell you…it seems like you did everything right. You need the public key in ~/.ssh/authorized_keys, that dir and file need to have reasonable permissions (sshd will refuse to use it if it’s readable or writable by anyone other than the user), sshd_config needs to allow public key authentication (this is default), and you need to use the right username and private key for the public key when authenticating. That’s it.

Server logs will be more informative than the client-side. Client only knows auth failed, server knows why.

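The checklist in the reply above, as an added example that is not part of the original thread: a shell function that audits a home directory for the conventional 700/600 modes and consistent ownership, which satisfy sshd's permission checks. It assumes GNU `stat` (Linux); `audit_ssh_home` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: audit the key-login prerequisites for one account's home.
# Assumes GNU stat (Linux). audit_ssh_home is a hypothetical helper name.

# audit_ssh_home HOME_DIR
# Prints one FAIL line per problem and returns the number of problems found.
audit_ssh_home() {
    home=$1
    problems=0
    ssh_dir="$home/.ssh"
    keys="$ssh_dir/authorized_keys"

    # The home directory must not be writable by group or others.
    m=$(stat -c '%a' "$home") || return 1
    if [ $(( 0$m & 022 )) -ne 0 ]; then
        echo "FAIL $home is group/other-writable (mode $m)"
        problems=$((problems + 1))
    fi
    owner=$(stat -c '%U' "$home")

    # .ssh and authorized_keys: expected mode, same owner as the home.
    for spec in "$ssh_dir:700" "$keys:600"; do
        path=${spec%:*}
        want=${spec##*:}
        if [ ! -e "$path" ]; then
            echo "FAIL $path is missing"
            problems=$((problems + 1))
            continue
        fi
        m=$(stat -c '%a' "$path")
        if [ "$m" != "$want" ]; then
            echo "FAIL $path has mode $m, expected $want"
            problems=$((problems + 1))
        fi
        if [ "$(stat -c '%U' "$path")" != "$owner" ]; then
            echo "FAIL $path is not owned by $owner"
            problems=$((problems + 1))
        fi
    done

    # An empty authorized_keys file can never match a client key.
    if [ -e "$keys" ] && [ ! -s "$keys" ]; then
        echo "FAIL $keys is empty"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Stand-alone use: pass the home directory as the first argument.
if [ $# -gt 0 ]; then audit_ssh_home "$1"; fi
```

Run it as root against the account's home directory; a clean result means the remaining causes are on the sshd_config or client key side, which the server log will show.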

Thank you for this, I started from scratch and did everything from the beginning. In this case I used user creation through SSH and not Virtualmin, but this seems to have fixed it.

@simon1066 thanks mate for your suggestions as well. They were helpful as well.
