So now that we've got Ubuntu Feisty installed (Part One), we'll setup some basic security for our new slice. Fire up terminal and ssh into your slice.
-
ssh -l your_username your_ip_address
Now let's create a new user with basic rights, we don't want to be logging in as root.
-
adduser deploy
Type the following and hit <Enter>
-
visudo
If the VI editor opened the file for you, make sure you now hit the <i> key to enter into insert text mode. Scroll down to the bottom of the file (use arrow keys) to the section where a comment begins: # User privilege specification. You should see on the next line: root ALL=(ALL) ALL. Hit the <Enter> key after that line and add our new deploy user information as follows.
-
deploy ALL=(ALL) ALL
Now we need to save our changes. If the editor that opened for you was GNU nano (it will display this at the top of the editor), use <Ctrl> + X key combination and hit the <Enter> key to save. If you need to save in VI, type ZZ.We'll now set up our slice so that you can't ssh in using the root user. Type in the following, scroll down to PermitRootLogin and set it to no.
-
nano /etc/ssh/sshd_config
If you want to set you ssh port to something other than 22 (ex. 8888) you can do that as well. It should prevent some script kiddies. Now save the file: <Ctrl> + X key combination and hit the <Enter> key.In the next post we will setup the shorewall firewall.
1 Response to “Securing Your New Ubuntu Feisty VPS Part 2”