Enabling External Access for Your Regular User on Ubuntu Server

Learn how to enable external SSH access for a non-root user on your Ubuntu server, ensuring secure and efficient remote management.

10 min
LinuxSSHServer

If you logged in to your root account using an sshkey then probably password authentication is disabled. to login as the new user, you need to add your public key to the deployer user’s ~/.ssh/authorized_keys file.

You have two options Follow the approach that suits you best:

1. Using the same SSH key as root

Since you already use this key to login as root, you can just copy the authorized_keys file from root to the new user using rsync.

On your server, as root user, run the following command:

From root session 
rsync --archive --chown=deployer:deployer ~/.ssh /home/deployer
From non-root session 
sudo rsync --archive /root/.ssh /home/deployer --chown=deployer:deployer

Replace deployer with your actual username.

2. Uploading a new SSH key for the new user

If you want to use a different SSH key for the new user, you can upload it to your root user and then copy it to the new user’s authorized_keys file.

  1. On your local machine, copy your new public key to the server:
Linux/macOS ED25519 
scp ~/.ssh/id_ed25519.pub root@your-server-ip:/root/new_key.pub
Linux/macOS RSA 
scp ~/.ssh/id_rsa.pub root@your-server-ip:/root/new_key.pub
Windows (PowerShell) ED25519 
scp $env:USERPROFILE\.ssh\id_ed25519.pub root@your-server-ip:/root/new_key.pub
Windows (PowerShell) RSA 
scp $env:USERPROFILE\.ssh\id_rsa.pub root@your-server-ip:/root/new_key.pub
  1. On the server, root user, append the new key to the new user’s authorized_keys file:
On the root session. bash logo 
# create .ssh if it does not exists
mkdir -p /home/deployer/.ssh
# append the new key to the authorized_keys file
cat /root/new_key.pub >> /home/deployer/.ssh/authorized_keys
# set the correct permissions
chown -R deployer:deployer /home/deployer/.ssh
chmod 700 /home/deployer/.ssh
chmod 600 /home/deployer/.ssh/authorized_keys
# remove the uploaded key file
rm /root/new_key.pub

Replace deployer with your actual username and id_rsa.pub with the actual path of your new public key.

Now try to log in with the new user and the new key:

default SSH key 
ssh deployer@your-server-ip
specific SSH key 
ssh deployer@your-server-ip -i /path/to/your/private/key

Replace deployer with your actual username and your-server-ip with the actual IP address of your server.