Basic CentOS Setup Before Building A Working Server
#howto ,#tutorial #VPS – Basic CentOS Setup Before Building A Working Server – This tutorial explains step by step guide (with pics) about Basic CentOS Setup Before Building A Working Server
All essential things you have to do in the first time to build a web server on CentOS 6. You may simply straight forward to install Apache, Nginx, Lighthttpd, or any web server you want but it is strongly recommended to firstly follow some basic and common practices of initial server setup. This is aimed to tweak and apply some basic security protection on your server and make it real private. For instance, to change default root login, change default SSH port and so on.
Following all steps in this initial CentOS server setup is not a must but strongly recommended. However the decision is up to you. I assumed you have either VPS or Dedicated server already so you can follow this guide.
In this example, I use a VPS with 512Mb of RAM running CentOS 6.3 x32 located in Amsterdam hosted by DigitalOcean.
Step 1 – Login to your remote server via SSH connection. You can use either use Terminal (Mac / Linux) or Putty in Windows. You should login as root. Read my previous articles:
- Where To Download Putty and How To Use It
- Top most used Unix commands to SSH to a Linux server
During your first login, Putty (or Terminal) will ask you to cache server’s host key in the registry and remember server’s ras2 key fingerprint. Don’t panic and simply hit Yes.
Step 2 – Change default password for root. Sometimes a VPS or server is created using random password generated by the provider’s management software. It is good practice to change it to something easier to remember by you but hard to crack or guess by others. Use this command syntax:
You’ll then be asked to enter your new password twice.
Make sure you use strong words and numbers combination but also make sure you can easily remember it.
Step 3 – Create new user. This new user will be used for you to login to your server in the next time because you have to also disable root login (I’ll tell you in the next steps) because “root” is really a standard username hackers can easily guess. It’s just like “admin” or “administrator” in Windows. Use command below to create new username:
*change “newuser” above with your own new username. In this example I use my name “sawiyati”.
Then issue this command to setup password for that user:
Upon hitting Enter on your keyboard your server will ask you to type the password for that user.
Step 4 – Setup root privileges to that user so once you logged in to your server using that new user you will still be able to perform any root only tasks. To do that simply issue this command:
then look for the line / section called:
# User privilege specification root ALL=(ALL) ALL
or in different CentOS release it may also like this:
## Allow root to run any commands anywhere root ALL=(ALL) ALL
Then add this line right after the root line:
## Allow root to run any commands anywhere root ALL=(ALL) ALL newuser ALL=(ALL) ALL
it should look like this:
How to edit? If you don’t have Nano editor installed yet, simply hit “a” (without quotes). Once done adding new line, simply hit Esc key to exit editing mode. Now press Shift key + ZZ to save and exit vi editor.
Step 5 – Change SSH default port and disable root login. This is what I mean in step 3 above. In this case you’ll need to edit “sshd_config” file which is the main configuration file of SSH service in your server. You can either use vi or Nano to edit it. In this example I use Nano editor:
Then fine following lines:
Remove the # symbol and change the “22” (it is default port) to to any number between 1025 and 65536, For example is port 22000. Example:
Next, also find:
Remove the # symbol and change yes to no
So it will look like this:
Next, find this line as well:
Remove the # symbol and change yes to no
It may look like this:
Don’t close Nano editor just yet, now proceed to the next step:
Step 6 – Allow new user to login via SSH to your server. Simply add this line in the very bottom of that file:
Of course you have to replace “newuser” with your own username created in the step 3 above. Example:
Once done, hit Control+O to save then Control+X to exit Nano editor.
Step 7 – Reload SSH service. To make sure the new configuration is used by the service, simply reload SSH by using this command:
It should return with the OK message.
Step 8 – Give it a try! I assumed currently you are still logging in as root. Don’t close that SSH session yet before you test it and make sure all the settings you defined in SSH config file really works. Now launch another Terminal window or launch another Putty instance then login using new SSH port, new username, and of course new password.
After the changes, you’ll see your new username instead of root:
This post Basic CentOS Setup Before Building A Working Server is part of ServerMom.