Closed rodrigo-puente closed 5 years ago
TigersWay
commented
5 years ago Are they? I'm not sure I see any obvious link between being allowed to ssh in and sudoers. In fact the opposite - sudoers being allowed to ssh in - might be closer to the "truth".
imthenachoman
commented
5 years ago @rodrigo-puente Did you do the Limit Who Can Use sudo section?
Ideally you want a different group for who can use sudo and who can SSH. If you want the same user to be able to both sudo and SSH, then you want to make sure they are part of both groups.
For example, my primary user is a member of the sudousers and sshusers group.
rodrigo-puente
commented
5 years ago @TigersWay, you are right, this is more accurate and makes a lot more sense.
- sudoers being allowed to ssh in -
@imthenachoman, yes I did that section. I was following the steps to secure the ssh and when I wanted to install some libraries on the server I kinda got lost why I couldn't install them. It may seem trivial, but for the inexperienced like me, it would have been a good hint to have something this:
For example, my primary user is a member of the
sudousersandsshusersgroup
That last line also answers my question. Thank you both for your help.
I think it might be a good idea to emphasize that the
sshusersgroup should also be added to thesudoersfile.I followed all the steps, get the SSH connection to work but pretty much couldn't do anything on the server until I realized these.
It would be nice to put it there, so ther will be less friction to newcomers on the subject.