
Securing your Linux server with SSH key authentication is one of the best practices for system administration. Unlike password-based logins, SSH keys provide stronger security, are resistant to brute-force attacks, and make user management more scalable. This guide walks you through creating users and setting up SSH key authentication on a Linux server.
Step 1: Create a New User
Start by adding a new user to your Linux system:
sudo adduser newuser
Follow the prompts to set the password (optional, if using SSH keys only) and basic user information.
Step 2: Add User to the Sudo Group (Optional)
If the user needs administrative rights:
sudo usermod -aG sudo newuser
Step 3: Create SSH Directory and Authorized Keys File

Log in as the new user or switch to them:
sudo su - newuser
mkdir -p ~/.ssh
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
Step 4: Add Public Key to authorized_keys
On your local machine, generate an SSH key if you haven’t already:
ssh-keygen -t rsa -b 4096
Copy the public key (~/.ssh/id_rsa.pub) to the server:
ssh-copy-id newuser@your-server-ip
Or manually paste the contents into ~/.ssh/authorized_keys on the server.
Step 5: Disable Password Authentication (Recommended)
To enforce SSH key-only authentication:
Edit /etc/ssh/sshd_config:
sudo nano /etc/ssh/sshd_config
Ensure the following lines are set:
PasswordAuthentication no
PermitRootLogin no
Restart the SSH service (keep your current session open until the test in Step 6 succeeds):
sudo systemctl restart ssh
Step 6: Test the Connection
On your local machine, connect to the server:
ssh newuser@your-server-ip
If the key is properly configured, you’ll be logged in without a password prompt.
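An added example (not part of the original guide) that checks the Step 3 permissions and the Step 5 settings before the SSH service is restarted. It reads the effective configuration from sshd -T instead of the file, because sshd uses the first value it obtains for each keyword and an included file can set one ahead of your edit. The function names are hypothetical, stat -c assumes GNU coreutils, and the sample sshd -T lines are constructed.

```shell
#!/bin/sh
# Added example: pre-restart checks for Steps 3 and 5. Function names are hypothetical.

# check_key_perms DIR: DIR is a user's ~/.ssh; expects the modes from Step 3.
# sshd's StrictModes (on by default) refuses keys kept in paths that are
# writable by group or others, so a wrong mode here breaks key login.
check_key_perms() {
    dir=$1
    [ -d "$dir" ] || { echo "missing: $dir"; return 1; }
    [ -f "$dir/authorized_keys" ] || { echo "missing: $dir/authorized_keys"; return 1; }
    rc=0
    [ "$(stat -c %a "$dir")" = 700 ] ||
        { echo "bad mode on $dir (want 700)"; rc=1; }
    [ "$(stat -c %a "$dir/authorized_keys")" = 600 ] ||
        { echo "bad mode on $dir/authorized_keys (want 600)"; rc=1; }
    return $rc
}

# check_effective_config: reads `sshd -T` output (lowercase "keyword value"
# lines) on stdin. Requires the two Step 5 settings, and also that public
# key authentication is enabled so the restart does not lock everyone out.
check_effective_config() {
    awk '
        $1 == "passwordauthentication" { pw = $2 }
        $1 == "permitrootlogin"        { root = $2 }
        $1 == "pubkeyauthentication"   { pk = $2 }
        END {
            bad = 0
            if (pw != "no")   { print "passwordauthentication=" pw " (want no)"; bad = 1 }
            if (root != "no") { print "permitrootlogin=" root " (want no)"; bad = 1 }
            if (pk != "yes")  { print "pubkeyauthentication=" pk " (want yes)"; bad = 1 }
            exit bad
        }'
}

# Demo on constructed `sshd -T` output where an earlier setting still wins:
printf 'passwordauthentication yes\npermitrootlogin no\npubkeyauthentication yes\n' |
    check_effective_config || echo "do not restart yet"

# On the server, as root, before restarting:
#   sshd -t && sshd -T | check_effective_config && check_key_perms /home/newuser/.ssh
```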
User Management Tips
- List users:
cut -d: -f1 /etc/passwd
- Lock a user account (usermod -L locks the password only; key-based SSH logins may still succeed):
sudo usermod -L username
- Remove a user:
sudo deluser username
- List logged-in users:
who
or
w
How to Create and Manage Users on a Linux Server with SSH Key Authentication (F.A.Q)
Can I use different SSH keys for different users?
Yes, each user can have a unique SSH key stored in their ~/.ssh/authorized_keys file.
What if I lose my SSH private key?
You won’t be able to access the server. Keep a backup key or maintain a recovery user with password login (temporarily).
How do I revoke a user’s access?
Remove their public key from ~/.ssh/authorized_keys or delete their user account.
Is it safe to disable password login?
Yes—if all users have valid SSH keys. This significantly improves security.