How To Create a Sudo User on Cen
转自 https://www.digitalocean.com/community/tutorials/how-to-create-a-sudo-user-on-centos-quickstart
简单明了:
PostedMarch 29, 201681.3kviewsLINUX BASICSQUICKSTARTCENTOS
Introduction
Thesudocommand provides a mechanism for granting administrator privileges, ordinarily only available to the root user, to normal users. This guide will show you the easiest way to create a new user with sudo access on CentOS, without having to modify your server'ssudoersfile. If you want to configure sudo for an existing user, simply skip to step 3.
Steps to Create a New Sudo User
Log in to your server as therootuser.
ssh root@server_ip_address
Use the adduser command to add a new user to your system.
Be sure to replace username with the user that you want to create.
adduser username
Use the passwd command to update the new user's password.
passwd username
Set and confirm the new user's password at the prompt. A strong password is highly recommended!
Set password prompts:
Changing password for user username.New password:Retype new password:passwd: all authentication tokens updated successfully.
Use the usermod command to add the user to the wheel group.
usermod -aG wheel username
By default, on CentOS, members of the wheel group have sudo privileges.
Test sudo access on new user account
Use the su command to switch to the new user account.
su username
As the new user, verify that you can use sudo by prepending "sudo" to the command that you want to run with superuser privileges.
sudo command_to_run
For example, you can list the contents of the/root directory, which is normally only accessible to the root user.
sudo ls -la /root
The first time you use sudo in a session, you will be prompted for the password of the user account. Enter the password to proceed.
Output:
[sudo] password for username:
If your user is in the proper group and you entered the password correctly, the command that you issued with sudo should run with root privileges.
Enable NOPASSWD for the %wheel group in /etc/sudoers
$ sudo visudo
Then comment out this line:
## Allows people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
And uncomment this line:
## Same thing without a password
%wheel ALL=(ALL) NOPASSWD: ALL
本地创建密钥
ssh-keygen
拷贝公钥
ssh-copy-id demo@SERVER_IP_ADDRESS
