So now that we've got Ubuntu Feisty installed (Part One), we'll setup some basic security for our new slice. Fire up terminal and ssh into your slice.
CODE:
-
ssh -l your_username your_ip_address
Now let's create a new user with basic rights, we don't want to be logging in as root.
CODE:
-
adduser deploy
Type the following and hit <Enter> CODE:
passwd
CODE:
-
visudo
If the VI editor opened the file for you, make sure you now hit the <i> key to enter into insert text mode. Scroll down to the bottom of the file (use arrow keys) to the section where a comment begins: # User privilege specification. You should see on the next line: root ALL=(ALL) ALL. Hit the <Enter> key after that line and add our new deploy user information as follows.
CODE:
-
deploy ALL=(ALL) ALL
Now we need to save our changes. If the editor that opened for you was GNU nano (it will display this at the top of the editor), use <Ctrl> + X key combination and hit the <Enter> key to save. If you need to save in VI, type ZZ.We'll now set up our slice so that you can't ssh in using the root user. Type in the following, scroll down to PermitRootLogin and set it to no.
CODE:
-
nano /etc/ssh/sshd_config
If you want to set you ssh port to something other than 22 (ex. 8888) you can do that as well. It should prevent some script kiddies. Now save the file: <Ctrl> + X key combination and hit the <Enter> key.In the next post we will setup the shorewall firewall.
This entry was posted
on Sunday, July 15th, 2007 at 3:51 pm and is filed under Linux.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Category Cloud
Uncategorized Slicehost Security Ubuntu Fun Betas Adobe iPhone Mac OSX Apple Google Productivity Music Rails Linux Technology Product Review
[...] setup the final piece of the puzzle so we can start coding already. If you’ve been following along (Part Two), we are now ready to setup the shorewall firewall. This will lock down all ports we aren’t using, [...]