Following all steps on this preliminary CentOS server setup just isn't a should however strongly beneficial. Nonetheless the choice is as much as you. I assumed you will have both VPS or Devoted server already so you may observe this information.
On this instance, I exploit a VPS with 512Mb of RAM operating CentOS 6.three x32 positioned in Amsterdam hosted by DigitalOcean.
Step 1 – Login to your distant server by way of SSH connection. You should utilize both use Terminal (Mac / Linux) or Putty in Home windows. You need to login as root.
Throughout your first login, Putty (or Terminal) will ask you to cache server’s host key within the registry and keep in mind server’s ras2 key fingerprint. Don’t panic and easily hit Yes.
Step 2 – Change default password for root. Generally a VPS or server is created utilizing random password generated by the supplier’s administration software program. It's good apply to alter it to one thing simpler to recollect by you however exhausting to crack or guess by others. Use this command syntax:
passwdYou’ll then be asked to enter your new password twice.
Ensure you use sturdy phrases and numbers mixture but in addition ensure you can simply bear in mind it.
Step 3 – Create new user. This new user can be used so that you can login to your server within the subsequent time as a result of you must additionally disable root login (I’ll inform you within the subsequent steps) as a result of “root” is admittedly a regular username hackers can simply guess. It’s similar to “admin” or “administrator” in Home windows. Use command under to create new username:
/usr/sbin/adduser newuser*change “newuser” above with your own new username. In this example I use my name “sawiyati”,
Then issue this command to setup password for that user:
passwd newuserUpon hitting Enter on your keyboard your server will ask you to type the password for that user.
/usr/sbin/visudo
then look for the line / section called:
# User privilege specification
root ALL=(ALL) ALL
or in different CentOS release it may also like this:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
Then add this line right after the root line:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
newuser ALL=(ALL) ALL
it should look like this:
Step 5 – Change SSH default port and disable root login. That is what I imply in step three above. On this case you’ll must edit “sshd_config” file which is the primary configuration file of SSH service in your server. You may both use vi or Nano to edit it. On this instance I exploit Nano editor:
nano /etc/ssh/sshd_config
Then fine following lines:
#port 22
Remove the # symbol and change the “22” (it is default port) to to any number between 1025 and 65536, For example is port 22000. Example:
port 22000
#PermitRootLogin yes
Remove the # symbol and change yes to no
PermitRootLogin no
So it will look like this:
#UseDNS yes
Remove the # symbol and change yes to no
UseDNS no
It may look like this:
Step 6 – Allow new user to login via SSH to your server. Simply add this line in the very bottom of that file:
AllowUsers newuser
Of course you have to replace “newuser” with your own username created in the step 3 above. Example:
Step 7 – Reload SSH service. To make sure the new configuration is used by the service, simply reload SSH by using this command:
/etc/init.d/sshd reloadIt should return with the OK message.
Step 8 – Give it a attempt! I assumed presently you might be nonetheless logging in as root. Don’t shut that SSH session but earlier than you take a look at it and ensure all of the settings you outlined in SSH config file actually works. Now launch one other Terminal window or launch one other Putty occasion then login utilizing new SSH port, new username, and naturally new password.
After the changes, you’ll see your new username instead of root:
