/
How Do I Add Users to My Server?

How Do I Add Users to My Server?

Owned by Prateek Kapoor
Last updated: Jun 20, 2024
5 min read

Problem:

I want to add users to my server instance.

Solution:

You can either add users before you create the server through Spinup, or after you create the server by manually logging into the server instance itself.

Before you create the server

The users you want to add to the server must be added to the space before you can choose them. Spinup will automatically add chosen users to the server as soon as it has been created.

  1. Choose a Linux or Windows server from the ‘Create New Resource’ page.

  1. After choosing the server size, you can see the number of users (including yourself) that will added to the server upon creation. If you want to add more users, click + Add More.

  1. You can use the dropdown to add more users from the current space along with their roles . For Linux servers, the SSH Key saved in the users profile will be auto-filled.

You cannot remove yourself from being added to the server, and you must initially have admin access.

Server Users for Linux
Server Users for Windows

 

  1. Once you are done adding the users you want, click Save and the user count will be updated. Users will be automatically added to the server with correct permissions once it is created.

 

After the server has already been created

Using spinup-user CLI

The spinup-user command-line utility should be pre-installed on all Spinup Linux servers and can be used to easily add and remove users.

For example, on one of my servers I need to add user jsi3. I just need their public SSH key (which is not sensitive and can be safely shared) and I can then create the user like so:

When you are done pasting in one or more SSH public keys, you must hit Enter TWICE

[tg333@ip-10-5-32-247 ~]$ sudo spinup-user add jsi3 Paste one or more SSH public keys for this user (hit Enter when done): ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhU7Ucb/4AdGjtTrDZfGexJyLFxngErqWyv9Ryix8scdEOJxC/qWJiBOxasQp5fjF+ZDf5OIXgBrtd7xvJT+Lr+p65hE7EX0KL+JAWPibr0E1b0Gw9mTwAIutPA9u5tt6btmWbPUJXWifft8wgq6aIoqsg/sAzmiEHEJiL17fp7LXwjwDsxzYfskLX58uVIVqyMW5da81CNcqAPavlrGq1p1hd/+8i/2m8ql0VHnAOMdqQz5tmGY6N7F/AbtSLDaki7XTS6vQZUc5wr3ZHIe6wuQhk82/VVWoNjlxOjhwBItE0Tb7bCDkMgZ0RMymmpl/T5ioyyZmYQjmP3Xmdhdsb Added user jsi3

You can use the list command to see all users on the server and get more information about them:

[tg333@ip-10-5-32-247 ~]$ sudo spinup-user list jsi3 tg333 (admin) [tg333@ip-10-5-32-247 ~]$ sudo spinup-user list jsi3 Username: jsi3 Admin: false Shell: /bin/bash Homedir: /home/jsi3 UID: 1002 GID: 1002 Authorized keys: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhU7Ucb/4AdGjtTrDZfGexJyLFxngErqWyv9Ryix8scdEOJxC/qWJiBOxasQp5fjF+ZDf5OIXgBrtd7xvJT+Lr+p65hE7EX0KL+JAWPibr0E1b0Gw9mTwAIutPA9u5tt6btmWbPUJXWifft8wgq6aIoqsg/sAzmiEHEJiL17fp7LXwjwDsxzYfskLX58uVIVqyMW5da81CNcqAPavlrGq1p1hd/+8i/2m8ql0VHnAOMdqQz5tmGY6N7F/AbtSLDaki7XTS6vQZUc5wr3ZHIe6wuQhk82/VVWoNjlxOjhwBItE0Tb7bCDkMgZ0RMymmpl/T5ioyyZmYQjmP3Xmdhdsb

Note that by default the new user does not have admin (sudo) privileges. To make an admin user you can use the -a flag. Be careful who you make an admin as they will have unlimited root access on the server!

[tg333@ip-10-5-32-247 ~]$ sudo spinup-user add jsi3 -a

To delete a user and their home directory:

[tg333@ip-10-5-32-247 ~]$ sudo spinup-user remove jsi3 Removed user jsi3

This is just a brief overview of how to use the CLI. For more information and examples you can see the Github repo GitHub - YaleSpinup/spinup-user: A simple CLI for managing Linux users

Manual step-by-step guide

If for some reason you cannot use the spinup-user CLI you can manually create a Linux user.

$ sudo -s $ NEWUSER=<netid of person you would like to add> #Variable that is used in future commands $ adduser $NEWUSER $ echo "$USERNAME ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers #If you would like to give them root access $ mkdir -m 700 /home/$NEWUSER/.ssh $ echo "User's PUBLIC key" > /home/$NEWUSER/.ssh/authorized_keys $ chmod 600 /home/$NEWUSER/.ssh/authorized_keys $ chown -R $NEWUSER:$NEWUSER /home/$NEWUSER/.ssh $ restorecon -FRvv /home/$NEWUSER/.ssh #Required if Selinux is running on the server

Best Practices

  • Utilize SSH keys instead of passwords for authentication

  • Create new user accounts instead of utilizing the root account

  • Do not elevate to root unless it is truly needed

  1. Once logged into the computer, right-click on the Start button and select System.

  1. On System settings screen, select "Remote settings" on the left-hand side. In Windows 2019, you will instead select "Remote Desktop" on the left side.

Windows 2016
Windows 2019

  1. Click the Select Users button on the resulting dialog. On Windows 2019, you will instead scroll to the bottom of the screen and click "Select users that can remotely access this PC".

Windows 2016
Windows 2019

  1. Click Add button on Remote Desktop Users dialog box.

  1. Type the NetID of the user you want to add and click "Check Names". Their netID should expand to show their full account name/e-mail address. Now you can click OK and exit out of the previous dialog boxes.

  1. New user should now be able to log in!

  2. Note: Users of servers in Secured spaces may get the error "Logon failure: the user has not been granted the requested logon type at this computer". If that occurs, you will need to follow the additional steps below. If you do not have a CIS-hardened server as part of a moderate- or high-risk space, the steps below should not be needed. 

  3. Search for and go to "Local Security Policy" under the Windows Start Menu

  1. Expand Local Policies in the left-hand pane, then click on the User Rights Assignment folder. Lastly, double-click on "Allow log on locally" in the right-hand pane.

 

  1. Type "Remote Desktop Users", then click Check Names. The Group name of "Remote Desktop Users" should become underlined. Click OK, OK, and exit the Local Security Settings manager.

 

  1. User should now be able to login.

 

Related content