New User setup

Below are described some steps to setup a new user account.

Default folders

Here is the command to create the default folders for a given user when no physical connexion can be made to the Thoth subnetwork.

su <username>
cd /home/<username>

Remote SSH keys setup

When a new member <user> starts remotely, admins should grant them remote ssh access to <user_machine>. The procedure is described below:

  1. (admin on <user_machine>) su <user>

  2. (admin on <user_machine>) ssh-keygen: save the keys to ~/.ssh/id_rsa and ~/.ssh/ and set a temporary password

  3. (admin on <user_machine>)cd ~/.ssh && cat > authorized_keys

  4. send private key id_rsa as thoth_tmp to user by email, who should save it to ~/.ssh/thoth_tmp on their pc

  5. (on user pc) Edit ~/.ssh/config with:
    IdentityFile ~/.ssh/thoth_tmp
    Host bastion
          ProxyCommand none
          ForwardX11 yes
          User <user>
    Host *
        ProxyCommand ssh -W %h:22 bastion
        ForwardX11 yes
        User <user>
    Host <user_machine>
        HostName <user_machine>
        User <user>
        ForwardX11 yes
        ProxyCommand ssh -W %h:22 bastion
    Host edgar
        User <user>
        ForwardX11 yes
        ProxyCommand ssh -W %h:22 bastion`` Replacing ``<user>`` and

    Replace <user_machine> accordingly.

  6. (on user pc) chmod 755 ~/.ssh/thoth_tmp

  7. (on user pc) Check that everything works well with ssh bastion and ssh <user_machine>

  8. (user on <user_machine>) ssh-keygen : save the keys to ~/.ssh/id_rsa_new and ~/.ssh/ and set a permanent password

  9. (on user pc) scp <user_machine>:~/.ssh/id_rsa_new ~/.ssh/thoth

  10. (user on <user_machine>)

    ``cd ~/.ssh && mv id_rsa_new id_rsa && mv && cat > authorized_keys``
  11. (on user pc) Update ~/.ssh/config/ such that : IdentityFile ~/.ssh/thoth

  12. (on user pc) Clean up : rm ~/.ssh/thoth_tmp