Sunday, 6 April 2008

Enable SSH access on Sun Solaris 9

I am going to talk about how to enable SSH access for a specific user on Sun Solaris 9 today. A new user could get SSH access in just five minutes if you follow the instructions.

In this article, a new user ‘cokeeorg’ is created in Part 1, and SSH access for that user is enabled in Part 2.

Part 1: Adding new user ‘cokeeorg’

Log in as root (you need root access to create users, alter configuration files, etc.) or, if your server is set up to prevent external root access, log in using your normal username and su to root instead.

1. Create home directory

Create a new directory for the new user. The location of the home directory varies and mainly depends on your own server settings. I’m going to use /export/home in this post. Create a new directory using the following commands:

cd /export/home
mkdir cokeeorg


2. Add a new group

It may not be necessary to create a new group definition for our new user. This step is here to make the instructions complete. A new group definition can be added with the groupadd command, which creates the group by adding the appropriate entry to the /etc/group file.

The groupadd command comes with a -g gid option. If it is set, it assigns the group ID gid to the new group. This group ID must be a non-negative decimal integer below MAXUID as defined in /usr/include/sys/param.h. If it is not set, the group ID defaults to the next available (unique) number above the highest number currently assigned. For example, if groups 100, 105, and 200 are assigned as groups, the next default group number will be 201. Please note that group IDs from 0-99 are reserved by SunOS for future applications.
The following command will do the job:

groupadd -g 888 cokee

3. Add the new user

Solaris 9 does not have a command like adduser that walks you through creating a new user step by step. That means you have to remember the four flags the useradd command requires, and in what order it expects to receive them. The following command will create the new user ‘cokeeorg’, associate it with the home directory we just created, and assign it to the new group ‘cokee’ as well.

useradd -g cokee -c 'CokeeOrg Demo' -d /export/home/cokeeorg -s /usr/bin/bash cokeeorg

4. Change password

Once the new user has been created successfully, you can change the password by using the following command:

passwd cokeeorg

The passwd command will prompt you for the new password; you have to type it in twice to confirm.

5. Change home directory ownership

The owner of the newly created home directory ‘/export/home/cokeeorg’ has to be set to our new user ‘cokeeorg’ as well. This can be done with:

chown -R cokeeorg:cokee /export/home/cokeeorg

Part 2: Enable SSH access for ‘cokeeorg’

1. Local SSH access can be enabled by editing the sshd_config file in /etc/ssh. Add the newly created username to the end of the ‘AllowUsers’ list:

AllowUsers cokeeorg

2. Restart SSH daemon

sshd (the SSH daemon) will restart automatically if it has been manually killed. First of all, use the following command to list all the sshd processes currently running on the system:

ps -elf | grep sshd

This will give you a list of running sshd processes. Take note of the process ID (pid) of the ‘master’ sshd (the one with the earliest start time (stime) and the smallest ppid; normally, this should be 1). Kill that process manually by using:

kill -9 pid

Please use the actual pid you’ve got on your server in the above command.
After that, the sshd daemon should restart by itself, and the newly updated sshd_config file should be loaded by the new daemon by default. You can now log in as the new user ‘cokeeorg’.
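The AllowUsers edit from step 1 of Part 2 can be scripted so that it is repeatable. The following is an added example, not part of the original post: allow_user and sample_config are hypothetical helper names, the config contents are constructed, and a POSIX awk is assumed (nawk or /usr/xpg4/bin/awk on Solaris). It refuses to act when the file has no AllowUsers line, because introducing the first one restricts login to only the users it lists.

```shell
#!/bin/sh
# Added example. Usage: allow_user CONFIG USER
# Returns 0 = user appended, 1 = already listed, 2 = no AllowUsers line, 3 = write failed.
allow_user() {
    cfg=$1 user=$2 rc=0
    # sshd_config keywords are case-insensitive; commented-out lines never
    # match because their first field starts with '#'.
    awk -v u="$user" '
        BEGIN { rc = 2 }
        tolower($1) == "allowusers" {
            if (rc == 2) rc = 0
            for (i = 2; i <= NF; i++) if ($i == u) rc = 1
        }
        END { exit rc }' "$cfg" || rc=$?
    [ "$rc" -eq 0 ] || return "$rc"
    # Append to the first AllowUsers line, leaving every other line untouched.
    tmp="$cfg.tmp.$$"
    awk -v u="$user" '
        !done && tolower($1) == "allowusers" { $0 = $0 " " u; done = 1 }
        { print }' "$cfg" > "$tmp" || { rm -f "$tmp"; return 3; }
    # Keep a backup, then overwrite in place so owner and mode are preserved.
    st=0
    { cp -p "$cfg" "$cfg.bak" && cat "$tmp" > "$cfg"; } || st=3
    rm -f "$tmp"
    return "$st"
}

# Constructed sample config for the demo (not a real server's file).
sample_config() {
    cat > "$1" <<'EOF'
# sshd_config (constructed sample)
Protocol 2
PermitRootLogin no
AllowUsers admin backup
EOF
}

# Demo on a scratch copy; on a real host CONFIG would be /etc/ssh/sshd_config.
demo=${TMPDIR:-/tmp}/sshd_config.demo.$$
sample_config "$demo"
allow_user "$demo" cokeeorg && grep -i '^AllowUsers' "$demo"
allow_user "$demo" cokeeorg || echo "second run: exit $? (already listed)"
rm -f "$demo" "$demo.bak"
```
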
