-
Add new user group and new user for your regular login
groupadd admin
useradd -d /home/john -m -g admin john
-
Delete this user password
passwd -d john -
Set new password for this user
passwd john -
Set bash as default shell for the user. Edit file
/etc/passwdand set following line
john:x:1000:1000::/home/john:/bin/bash -
Add this user (all admin group) to sudoers
visudo
Add line
%admin ALL=(ALL) NOPASSWD: ALL
NOPASSWD here means that when executin sudo system will not ask user password. It is important that this line was one of the last in the sudoers file. -
Disable root ssh login:
vim /etc/ssh/sshd_config
Find linePermitRootLoginand set it tono
Now you’ll need to restart the sshd service:
service sshd restart -
Disable user password login:
vim /etc/ssh/sshd_config
Add line
PasswordAuthentication no
Add lines:
RSAAuthentication yesPubkeyAuthentication yesAuthorizedKeysFile .ssh/authorized_keys
Now you’ll need to restart the sshd service:
service ssh restart -
Generate SSH keys for the user. Login as user
johnand execute following commands:
ssh-keygen -t rsa
chmod 700 ~/.ssh
cat ~/.ssh/id_rsa.pub > ~/.ssh/authorized_keys
chmod 400 ~/.ssh/authorized_keys - If using putty for ssh login onto Windows, you should reformat private key with puttygen (open puttygen, load private key, click 'Save private key') and then use this reformatted provate key for putty login
среда, 21 августа 2013 г.
Setting up Ubuntu 12.04 LTS service
Let's talk about Ubuntu 12.04 LTS server setup. It is assumed that you are logged in as root.
Download and install Oracle Server JRE7
Let's show how to download and install Oracle Server JRE7 from Oracle Download Site on our CentOS server.
First, you should go to download page Java SE Downloads, select JRE7 and accept license agreement. Then please check cookies that are set when you accept licence agreement. We need that cookie:
Then execute RPM:
gpw_e24. Just execute following command:
wget \
--no-check-certificate \
--no-cookies \
--header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2Ftechnetwork%2Fjava%2Fjavase%2Fdownloads%2Fjre7-downloads-1880261.html" \
http://download.oracle.com/otn-pub/java/jdk/7u25-b15/jre-7u25-linux-x64.rpm
Then execute RPM:
sudo rpm -ivh jre-7u25-linux-x64.rpm
Setting up your CentOS Server
Well, now you've got your brand new server with CentOS installed on it. What are the first steps to establish server security? It is assumed that you are logged in as root.
-
Add new user group and new user for your regular login
groupadd admins
useradd john -gadmins
-
Delete this user password
passwd -d john -
Set new password for this user
passwd john -
Add this user to sudoers
visudo
Find line
root ALL=(ALL) ALL
and add new line under this line
john ALL=(ALL) ALL -
Disable root ssh login:
vim /etc/ssh/sshd_config
Find linePermitRootLoginand set it tono
Now you’ll need to restart the sshd service:
service sshd restart -
Disable user password login:
vim /etc/ssh/sshd_config
Add line
PasswordAuthentication no
Add lines:
RSAAuthentication yesPubkeyAuthentication yesAuthorizedKeysFile .ssh/authorized_keys
Now you’ll need to restart the sshd service:
service sshd restart -
Generate SSH keys for the user. Login as user
johnand execute following commands:
ssh-keygen -t rsa
chmod 700 ~/.ssh
cat ~/.ssh/id_rsa.pub > ~/.ssh/authorized_keys
chmod 400 ~/.ssh/authorized_keys - If using putty for ssh login onto Windows, you should reformat private key with puttygen (open puttygen, load private key, click 'Save private key') and then use this reformatted provate key for putty login
четверг, 8 августа 2013 г.
Crispy goes on
So, this is my another blog about software. Do I really have smth interesting to tell you? I think yes, I have. But, more importantly, I'll put here all my thoughts, experimentations and code snippets which can help you or me in the future. My previous blog was in Russian language. But this one will be in English. I want to tell with much more broad audience and English language gives me this chance.
What topics will be highlighted here? Well, mostly geeky ones: software engineering, hacks, languages like Java, Scala, Python, Javascript, R, bitcoins, machine learning, algorithms, data structures implementations, highload systems and more. I like all that and try to touch as much as I can.
Recently I was involved in following:
I have a lot of boiling thoughts that rush out of me to be pusblished in this blog.
Let's begin then.
What topics will be highlighted here? Well, mostly geeky ones: software engineering, hacks, languages like Java, Scala, Python, Javascript, R, bitcoins, machine learning, algorithms, data structures implementations, highload systems and more. I like all that and try to touch as much as I can.
Recently I was involved in following:
- making ad platform for mobile traffic
- refactoring very highload xml ppc aggragator
- making bitcoin arbitrage sfotware
- some machine learning exercises
I have a lot of boiling thoughts that rush out of me to be pusblished in this blog.
Let's begin then.
Подписаться на:
Сообщения (Atom)