Initial Server Setup and Configurations on CentOS 7

This tutorial will explain the first basic steps you need to go through after installing a minimal CentOS 7 system with no graphical environment in order to obtain information about the installed system, the hardware on top of which runs the system and configure other specific system tasks, such as networking, root privileges, software, services and others.

Step One — Root Login To log into your server, you will need to know your server’s public IP address and the password for the “root” user’s account. If you have not already logged into your server, you may want to follow the first tutorial in this series, How to Connect to Your Droplet with SSH, which covers this process in detail. If you are not already connected to your server, go ahead and log in as the root user using the following command (substitute the highlighted word with your server’s public IP address): ssh root@SERVER_IP_ADDRESS Complete the login process by accepting the warning about host authenticity, if it appears, then providing your root authentication (password or private key). If it is your first time logging into the server, with a password, you will also be prompted to change the root password. The root user is the administrative user in a Linux environment that has very broad privileges. Because of the heightened privileges of the root account, you are actually discouraged from using it on a regular basis. This is because part of the power inherent with the root account is the ability to make very destructive changes, even by accident. The next step is to set up an alternative user account with a reduced scope of influence for day-to-day work. We’ll teach you how to gain increased privileges during the times when you need them.

Step Two — Create a New User Once you are logged in as root, we’re prepared to add the new user account that we will use to log in from now on. This example creates a new user called “demo”, but you should replace it with a user name that you like: adduser test Next, assign a password to the new user (again, substitute “demo” with the user that you just created): passwd test

Step Three — Root Privileges Now, we have a new user account with regular account privileges. However, we may sometimes need to do administrative tasks. To avoid having to log out of our normal user and log back in as the root account, we can set up what is known as “super user” or root privileges for our normal account. This will allow our normal user to run commands with administrative privileges by putting the word sudo before each command. To add these privileges to our new user, we need to add the new user to the “wheel” group. By default, on CentOS 7, users who belong to the “wheel” group are allowed to use the sudo command. As root, run this command to add your new user to the wheel group (substitute the highlighted word with your new user): gpasswd -a test test1

Step Four — Add Public Key Authentication (Recommended) The next step in securing your server is to set up public key authentication for your new user. Setting this up will increase the security of your server by requiring a private SSH key to log in. Generate a Key Pair If you do not already have an SSH key pair, which consists of a public and private key, you need to generate one. If you already have a key that you want to use, skip to the Copy the Public Key step. To generate a new key pair, enter the following command at the terminal of your local machine: ssh-keygen Assuming your local user is called “localuser”, you will see output that looks like the following: ssh-keygen output Generating public/private rsa key pair. Enter file in which to save the key (/Users/localuser/.ssh/id_rsa): Hit return to accept this file name and path (or enter a new name). Next, you will be prompted for a passphrase to secure the key with. You may either enter a passphrase or leave the passphrase blank.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

54784