This is intened to be a longer series of article with some basic Linux commands to help those of you unfamiliar with Linux to set up your Linux VPS and secure it at the same time. I don’t state I am the biggest Linux guru in the town, but 
what I know I want to share with you and you can make the same in the comments area after each article, or you can provide your own guide and a link to it in the comments area 
How to start your Linux VPS life?
I think you know the situation. You host has sent you the login information to your new VPS box and you need to startto work with it, but you do not really know what to do. There are two things you need to know first. It is very possible, that at first you will be only able to access your VPS trough what’s called “console”.
You put in the login name and password and then you need to change the root password. Do not panic as this one will not change the default “console” password, but in fact it will set up your real SSH root password. Then I would suggest you to update your VPS and only then use your new SSH root password to log in to the VPS box trough SSH. There is one thing you could do at this stage to make your login even safer and easier, but will cover it at a later time.
The second thing you need to know is to find out what Linux distro the host has set up as default and decide whether you are happy with it or not. Try this command to find out the Linux type and version cat /etc/issue . This command should tell you something like “Debian 5.0.1″ wiht some weird characters around it If you do not like the distro you have been provided with as default you can go to your VPS admin panel and change it for the flavour of your choice.
The basic set up
I have mentioned you need to set up your root password you will [could] use for SSH logins, but as I will tell you in the next article we will never log in trough SSH by using a password… . The password on a Linux VPS can be changed with this command passwd your_password . I would suggest you to use a very strong password and do not use less then 16 characters!~It should be a big and silly mix of upper-case, lower-case, numbers and special characters to make it very hard for brute force attacks and impossible for dictionary attacks to crack 
A very good help is to use PasswordSafe. A program which can easily store your ”high security password” and you only need to remember one password to get them all .
[ad#Adsense360]
Another good idea would be to add another user with adduser user_name, and once again I would suggest you not to use an easy and very common name. Rather make it something unique because if the attacker does not know the username he does not know anything [even if he know the password]… Remember you will be asked to input a password for the user and once again make it a very hard and long password to make the security a lot better
One more thing I will tell you is to add this user to the sudoers file and give the user some level of root privileges to perform daily tasks you would need a root password for. This is good, because you would not want to be root and perform your daily routines if you really do not know Linux from A-Z Being root all the time is a silly idea and never do it unless you are Superman!!!
Ah, how to add your newly created user to sudoers file? Well execute this command visudo and right after where it read ROOT ALL=(ALL) ALL put a line like this YOUR_USER_NAME ALL=(ALL) ALL and save and exit the file the question of saving the file: if your default program for file editing is VI than you save by hitting ESCAPE KEY and then pressing :wq or if you are using NANO it would be CONTROL+O [to save] and than CONTROL+X [to exit].
That’s enough for today. See you next time here at Icethunder.net
No related posts.
Comments are closed.