To Do List After Launching a New Linux/Unix Like Server for Development

Commands, tricks & cautions that will be used here have been tested only on a Ubuntu 12.04 VPS. Though, most of the commands should work in other Unix like system without any change.
In this lesson we will see how should a newly launched/opened server be configured for basic security & proper accessibility. Usually you get an IP address & a root password for logging in as root, as soon as you open a new cloud/vps server from rackspace/digitalocean or some others like these.

1. Connecting to the remote system through/using SSH:
SSH(Secure Shell) is a protocol used to securely loggin in to a remote system & also ssh is the tool used in Linux that connect to the remote server over the SSH protocol.

The terminal will show a message and will prompt

Type yes & press enter & then in next prompt enter your root password that was provided by that server provider while opening a VPS. So, now we are logged in to the remote system as root user.

2. Change your root user’s password:
You used the root password that was generated & provided by the server provider & the first thing is to change this password. Enter the following command on the terminal.

It will first ask the current root password & after entering the current password it will ask your desired new password twice for confirmation.

3. Create a new user:
Currently we are logged in as root & changed the password of it. It is not encouraged to use root on a VPS frequently. So, we will now create a new user named “nuhil” and will give all root like permissions/privileges to the new user. Type the following command on terminal & press enter.

This will first ask for password for this new user & then it will ask for several informations about this new user. After entering the password (twice) you can skip all other next prompt/questions just by pressing Enter key.

4. Give root privileges to the new user nuhil:
Normally & so far root has all of the administrative capabilities. Note that if the new user wants to perform any root task then the user must use the “sudo” keyword before the command to be executed. Let’s edit the sudo configuration. Type the following & press enter,

Find the commented line called “User privilege specification”. Under that line there should be,

Under this line add the following line,

Press ctrl+x & then y to save the changed file.

5. Little bit security:
We can configure the SSH by editing the following file like,

Find out the following line

Change this to something like,

You can change this to any number between 1025 and 65536. This change will make it more difficult for unauthorized people to log in. (Important: Make sure this port is enabled/added/authorized to be opened in your server provider’s end if they force you to use a security group along with some rules for example while working with Amazon EC2 instance.) Now, change the following line,


Add the following two lines at the bottom of the file,

AllowUsers will limit login to only the users on that line. Save the file & exit. Lets reload the SSH server,

Now try login to the same server by opening a new terminal window (so that if the new config causes any un-expected issue then we can still change config from within the previously opened terminal’s ssh session) & by typing the following command,

Give the password of user “nuhil” when asked & you are logged in! Now to logout; type,

Optional. Turning off password authentication & logging in just using key:
Key-based authentication works by creating a pair of keys; a private key and a public key. The private key is located on the client machine and is secured and kept secret. The public key can be given to anyone or placed on any server you wish to access.

Check whether you have already these keys. Go to “.ssh” folder & check out by typing,

If there are id_rsa & files then go to “Copy” step otherwise, to create these keys type the following command in your terminal (In you local machine’s environment),

Now Copy the public key to the remote server by this command,

It will ask for the server authentication password & then it will copy your public key to nuhil’s home.
Now log in to your Cloud Server, create a directory called “.ssh” in the nuhil folder and move the pub key into it.

Change the permissions properly,

On past we did set “Permit RootLogin” to “no” & now we will also disable “Password Authentication”. Edit the config file by typing,

Edit/Uncomment/Update the PasswordAuthentication value like following,

Again reload the ssh server by,

Finally Lets logout,

Now again type the following in your terminal,

& it will allow you to log in without asking the password of user nuhil.

One thought on “To Do List After Launching a New Linux/Unix Like Server for Development”

Comments are closed.