80 lines
1.7 KiB
Markdown
80 lines
1.7 KiB
Markdown
# First login
|
|
|
|
```shell
|
|
# Login into the VPS
|
|
ssh root@codespec.xyz
|
|
|
|
# Update packages
|
|
apt update && apt upgrade
|
|
|
|
# Enable automatic updates
|
|
apt install unattended-upgrades
|
|
dpkg-reconfigure unattended-upgrades
|
|
```
|
|
|
|
# Add a new user
|
|
|
|
This is done so that you can disable
|
|
loging in as root user.
|
|
|
|
```shell
|
|
# '-m' creates a home directory,
|
|
# '-s' assigns a shell (/bin/bash in this case),
|
|
# 'user' is the name you want to give it
|
|
useradd -m -s /bin/bash user
|
|
passwd user # Set a password for 'user'
|
|
```
|
|
|
|
Add 'user' to sudo group. This will allow to execute
|
|
commands as root, such as `sudo apt update`.
|
|
Some distros user 'wheel' group instead of 'sudo'
|
|
Run command `visudo` to check root enabled groups.
|
|
Debian, Ubuntu and derivatives usually use 'sudo'.
|
|
|
|
```shell
|
|
usermod -aG sudo user # Give 'user' sudo privileges
|
|
su - user # Login into 'user'
|
|
sudo apt update # Test that you have access to sudo
|
|
|
|
# Exit your server, you may need to run 'exit' twice.
|
|
exit
|
|
```
|
|
|
|
# Configure SSH keypair
|
|
|
|
## In your local machine:
|
|
```shell
|
|
ssh-keygen # Generate keypair
|
|
ssh-copy-id -i ~/.ssh/id_rsa.pub user@codespec.xyz # Copy to server
|
|
ssh user@codespec.xyz # Check it works
|
|
```
|
|
|
|
## ONCE IN THE VPS:
|
|
`sudo nano /etc/ssh/sshd_config`
|
|
Make sure to configure as follows
|
|
(We only need to allow 'user', but
|
|
you can add multiple users as well):
|
|
|
|
```ssh
|
|
PermitRootLogin no
|
|
AllowUsers user otheruser yetanotheruser
|
|
PasswordAuthentication no
|
|
UsePam no
|
|
```
|
|
|
|
Then, restart SSH daemon
|
|
|
|
```shell
|
|
systemctl restart sshd
|
|
```
|
|
|
|
# Enable UFW
|
|
|
|
```shell
|
|
# Allow SSH before enabling,
|
|
# Will drop shell otherwise.
|
|
ufw allow 22
|
|
|
|
# Enable firewall
|
|
ufw enable
|
|
```
|