Setting up your server with CentOS 7: Steps and Guidelines
Tips on the first steps you should be taking with your CentOS 7 Server
Blue Light Tech
The steps we will go through are as follows:
- Creating the Server
- Root Login
- Creating a New User
- Add Root Privileges
- Public Key Authentication
- Disable Root Login
Creating the Server
So you’ve bought one of our packages, and are now wondering the best way to get started with your newly provisioned server. Well we’ve put together a quick guide, of how to create your CentOS 7 Cloud server, and the most important first steps to take before you get into your project.
- Please note we already have OS templates ready to be installed on your Cloud, so you won’t need to download any. To get started, go to the Cloud Services from your Control Panel.
- Click on 'Add New Server' and choose the configuration settings for your new server.
- A progress bar will show, as our systems get your Cloud server configured correctly.
- You will then reach this screen, showing the state and other information on your server. The On/Off toggle shows that the server is up and running. The Hostname was chosen when creating the server, along with the IP Address allocated to it.
While creating the server, an account was opened just for you as the Administrator of the server. The name for that is known as root. As a root user, you have full access, privileges and control over the server. So, before you can access the server, make sure you have the root password. Take this password and start up your ssh client (e.g Putty) Download Putty
If you do not know what a ssh client is or how to connect, please refer to our article here...()
- Once you are logged-in, change your password by typing the following command:
- You will be asked for a new password for the root user twice.
Creating a New User
It is not enough to change the password of the root user, it is also necessary to create another user account with lower privileges to use to login via ssh.
Lets create another user.
- In the terminal, type the following code:
(choose your own name for the user)
- Next, assign a password to the new account demo by typing
Ensure this is a strong password (using a Random Password Generator can help, such as PasswordGenerator )
Add Root Privileges
gpasswd -a demo wheel
What this command does is gives your new user the root (super) privileges. The 'wheel' in the code is the 'group' that designates this power. Any user in the group, according to Centos 7 has the ability to act like root by adding 'sudo' as the prefix to any command they give.
Public Key Authentication
This change makes your server much more secure. What we will be doing is ensuring that logins take place from only the locations that have the private key. This improves security since the server will be taking login access from only the footprints of your computer.
We shall be making use of a program known as PuttyKey Generator (A.K.A PuttyGen).Download your preferred version here. With this program, we shall be generating 2 sets of keys, one public and the other, private. The public key will be saved on the server while the private key will be saved on our local machine. Once the 2 keys match, access is granted.
- Begin by running PuttyGen
- Under Parameters, select the type of key (preferably SSH -2 RSA) and also type in the number of bits you want (the default is 2048 but you can increase it to 4096).
- After this, click on the 'Generate' button.
- Then add a comment and/or passphrase. Passphrase adds another layer of security and will be asked for before the keys are auto-loaded during authentication. This is not compulsory.
- Once you are through, save the 2 keys separately.
Important: If you lose your private keys, you may not be able to access your server again!
- Scroll up and right-click on the text field that says: 'Public key for pasting into OpenSSH authorized_keys file '. And 'Select All'. Right click again and choose 'Copy'
- Now that you have successfully generated your keys, its time to save the newly copied 'Public key' to the server.
- Login and type the following code to create a directory for the keys:
- Secure it by typing
chmod 0700 ~/.ssh
- To create the file, now type:
- Secure it by:
chmod 0644 ~/.ssh/authorized_keys
- Now, open that file by typing:
- Now paste the copied key here by pressing 'Ctrl + Insert' from your keyboard
Note, the beginning of the keys should be ssh-rsa
- Save the file by pressing Ctrl + O and exit by pressing Ctrl + X
- You’ll now need to restart the ssh service with the command:
service sshd restart
- Login and type the following code to create a directory for the keys:
- Now that the public keys have been saved, lets save the private keys to your local computer.
- Fire up your local SSH login console (e.g. Putty)
- Type in the IP address of your server and port number in their respective fields.
- Look towards the right and expand the 'Connection' Toggle
Click also on 'SSH' to expand, then select 'Auth'.
- In the window, you will see 'Private Key file for authentication' Browse to the location of the private key you saved earlier and select it.
- Now, go back to the Session Category and click on 'Save'
- You can test this setup by simply accessing the server again via the putty program. You will notice that there is no more need to login with your password.
Disable Root Login
A final step to secure up your SSH, is to make a modification to the SSH Daemon configuration, which will prevent logins as the root user. This is more secure, and allowing root logins is unnecessary now that we have our new user who can escalate permissions.
- To get started, fire up your putty again and type this:
- While inside the file, scroll to where you will find:
- Change it to:
Make sure you have removed the # sign, which uncomments the line and therefore activates the option.
- Reload the ssh server again by typing:
service sshd restart
- Before we finish, we need to test this configuration and make sure that we haven’t denied ourselves access completely. The best way to do this is start up another Putty window, and ensure that you can still connect and login to the server.
You now have a secure configuration enabled on your server, so it’s ready for you to proceed with your project. We have a range of guides that can help with common setups, such as a LAMP server for hosting a website, and also guides on best practices with your setups, so head back to our Knowledge Base for further tips.
I am sure this article has touched all the internet visitors,
its really really nice article on building up new weblog. https://kasino.vin/downloads/72-download-play8oy
Use the keywords that are specifically linked to your written content.
To make it seem natural, must create about 20 links a day unless you
have access to many different IP's. http://Www.777Pokergames.com/discover-the-finest-deals-for-the-online-casino-now/
Great post. I am dealing with many of these issues as well.. http://keo365.com/the-thao
I know this website offers quality based content and other information, is there any other web page which provides such data in quality? http://keo365.com/the-thao
excellent issues altogether, you just received a new reader.
What may you recommend about your submit that you just made some days in the past?
Any sure? http://cado789.com
Howdy! Would you mind if I share your blog with my myspace group?
There's a lot of folks that I think would really appreciate your content.
Please let me know. Cheers http://keo365.com/the-thao
Hey! This is my 1st comment here so I just wanted to give a
quick shout out and tell you I genuinely enjoy reading through your posts.
Can you suggest any other blogs/websites/forums that deal with the same subjects?
Thanks for your time! http://sinfoniettapolonia.pl/html_en/index.php?go=http://www.mbet88vn.com
Hello i am kavin, its my first time to commenting anyplace, when i read this post i thought i could also create comment due to this good piece of writing. http://188.8.131.52/jump.php?url=http://www.mbet88vn.com
Simply desire to say your article is as astounding.
The clearness to your publish is simply spectacular and i could suppose you
are an expert in this subject. Fine together with your permission allow me to grab
your RSS feed to stay up to date with approaching post.
Thank you a million and please carry on the gratifying work. https://catalog-goroda.ru/redirect.php?url=http://alternatif188bet.com
Unquestionably believe that which you stated. Your favorite reason appeared
to be on the internet the easiest thing to be aware of.
I say to you, I definitely get annoyed while people think about worries that they just don't know about.
You managed to hit the nail upon the top and defined out the whole thing without
having side effect , people could take a signal.
Will probably be back to get more. Thanks http://urlink.fr/MxD
Hello, just wanted to tell you, I enjoyed this post.
It was inspiring. Keep on posting! http://www.mbet88vn.com
Thanks in support of sharing such a nice thought,
paragraph is pleasant, thats why i have read it
I am really loving the theme/design of your weblog. Do you ever run into any
internet browser compatibility problems? A small number of
my blog audience have complained about my site not operating
correctly in Explorer but looks great in Chrome. Do you have
any advice to help fix this problem? http://www.beast-art.com/cgi-bin/out.cgi?id=animalt7&url=http://alternatif188bet.com
Appreciate this post. Will try it out. http://alternatif188bet.com
Howdy! This post could not be written any better! Reading through this
post reminds me of my old room mate! He always kept chatting about this.
I will forward this page to him. Fairly certain he will have a
good read. Thanks for sharing! http://ddpromote.com/go.php?url=http://alternatif188bet.com
Normally I do not learn article on blogs, but I would like
to say that this write-up very pressured me to take a look at and do it!
Your writing taste has been amazed me. Thanks, quite
great post. http://www.mbet88vn.com
Hey There. I found your blog using msn. This
is a very well written article. I will be sure to bookmark it and return to read more of your useful information. Thanks
for the post. I will definitely comeback. https://www.merkinvestments.com/enter/?url=http://www.mbet88vn.com
This is a topic that is near to my heart... Best wishes! Where are your contact details though? http://www.zajazdzazamcze.ojcow.pl/index.php?go=http://keo365.com/the-thao
I'm impressed, I have to admit. Seldom do I encounter a blog that's
both educative and engaging, and without a doubt,
you've hit the nail on the head. The issue is something that
not enough men and women are speaking intelligently about.
Now i'm very happy I came across this in my
hunt for something concerning this. http://www.garrisonexcelsior.com/redirect.php?url=https://www.keoc1.com
Hello there! I know this is somewhat off topic but I was wondering if you knew where I
could locate a captcha plugin for my comment
form? I'm using the same blog platform as yours and
I'm having trouble finding one? Thanks a lot! http://massivecams.tv/external_link/?url=http://soikeoplus.com
Hi i am kavin, its my first time to commenting anyplace, when i
read this paragraph i thought i could also create comment due to this brilliant piece of writing. https://zii.im/nfgMRd
Les nouvelles séries sont indiquées en gras. http://www.newsseries.fr/s5/
Remarkable things here. I'm very happy to see your post.
Thanks so much and I am having a look forward to contact
you. Will you please drop me a mail? http://www.betfortuna1.com/188bet
I'm not sure why but this site is loading very slow for me.
Is anyone else having this problem or is it a problem
on my end? I'll check back later and see if the problem still exists. http://www.mbet88vn.com
You could certainly see your skills within the article you write.
The world hopes for even more passionate writers like you who aren't afraid to mention how they believe.
Always go after your heart. http://www.betfortuna1.com/188bet
The ED caused by that surgery could be either temporary or permanent. Thus, in the event the muscles inside the penile area are relaxed, more blood will type in the penis and a bigger harder erection will occur.
Thanks for pointing that out Mark, we've updated it and it should be working for you now!
Useful guide, especially helping with SSH keys.
The link for Putty needs updating, it doesn't work for me!