On a remote server I want to create a normal user and ONLY allow access via a key but I do NOT want to create the account with a password first and then disable password access later. In my admin account on the remote server I have done the following:
sudo adduser --disabled-password normaluser
Trying to connect as 'normaluser' is rejected, as desired with:
normaluser@server: Permission denied (publickey)
adduser man page:
The --disabled-password option will not set a password, but login is still possible (for example with SSH RSA keys).
Not being sure how ssh keys should be generated in this instance, I
sudo su to the
normaluser account and generated keys using
I've then tried to use the public and the private key file (copied to my local machine) to then ssh into the remote machine as
normaluser, specifying the appropriate key file with
ssh -i but I am still getting
access denied (publickey)
Make sure your key is added to /home/normaluser/.ssh/authorized_keys Authorized keys are per user, meaning that just because a key can be used to log into another user doesn't mean you can use it to log in as any user.