# useradd –d /usr/tommy -m tommy
//Modify the password of user tommy
# passwd tommy
Grant root privilege
Method 1: Modify the /etc/sudoers file, find the following line, and remove the previous comment (#)
quote
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
Then modify the user to belong to the root group (wheel), the command is as follows:
quote
#usermod -g root tommy
After the modification is completed, you can now log in with the tommy account, and then use the command su - to obtain root privileges to operate.
Method 2: Modify the /etc/sudoers file, find the following line, and add a line under root, as shown below:
quote
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
tommy ALL=(ALL) ALL
root ALL=(ALL) ALL
tommy ALL=(ALL) ALL
If you don't want to need to enter a password every time you sudo, change to
quote
tommy ALL=(ALL) NOPASSWD: ALL
After the modification is completed, you can now log in with the tommy account, and then use the command sudo - to obtain root privileges to operate.
Method 3: Modify the /etc/passwd file, find the following line, and change the user ID to 0, as shown below:
quote
tommy:x:0:33:tommy:/data/webroot:/bin/bash
Windows下使用Bitvise SSH Client生成公钥,私钥
1.启动Bitvise SSH Client -> Client key manager -> Generate New -> Generate 就会生成公钥,私钥
2.然后在 Generate New同级画面中选中生成的秘钥 -> Export -> Export public key(公钥), Export private key(私钥) -> 选中OpenSSH format格式(linux默认是OpenSSH,所以格式需要一样,如果格式不一样的key需要转格式,还不如重新再生成一次)->选择好点Export导出保存秘钥 -> 保存在哪儿都行,能知道就行.公钥和私钥都要保存一份.
3.生成密钥时Passphrase这个可以不写,写了就要记住(一般不写就行)
Linux普通用户主目录(usr/tommy)下创建公钥文件
1. chmod -R 777 /usr/tommy 给需要修改的文件夹赋予读写权限,这样其它用户才可以读写文件夹内容
2. mkdir .ssh 创建文件夹
3. vim authorized_keys
4. 将生成的public key(公钥)中 ssh-rsa开始到 Generated之前的秘钥(包括ssh-rsa,不包括Generated)复制到 authorized_keys 文件之中 wq!保存
5.查看文件夹权限:ssh的信任授权对相关文件夹的访问权限有一定的限制,最好设置如下(千万不要超过770):
$ chmod 600 /.ssh/authorized_keys $ chmod 700 /.ssh $ chmod 700 /.ssh/id_rsa
Bitvise SSH Client远程连接Linux
1.在客户端工具中找到initial method 的下拉框选为publickey
2.Client key的下拉框选为本地public key(公钥)对应的,可能生成了多个,但实际上只需要一个(一个公钥,私钥可以给多个Linux用户使用,只要.ssh/authorized_keys文件的公钥一致就行)
3.Username写Linux账户
4.点击login登录就可以了.