Setting up your CentOS Server

Well, now you've got your brand new server with CentOS installed on it. What are the first steps to establish server security? It is assumed that you are logged in as root.

• Add new user group and new user for your regular login
  groupadd admins
useradd john -gadmins
  
• Delete this user password
  passwd -d john
• Set new password for this user
  passwd john
• Add this user to sudoers
  visudo
  Find line
  root ALL=(ALL) ALL
  and add new line under this line
  john ALL=(ALL) ALL
• Disable root ssh login:
  vim /etc/ssh/sshd_config
  Find line PermitRootLogin and set it to no
  Now you’ll need to restart the sshd service:
  service sshd restart
• Disable user password login:
  vim /etc/ssh/sshd_config
  Add line
  PasswordAuthentication no
  Add lines:
  RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
  Now you’ll need to restart the sshd service:
  service sshd restart
• Generate SSH keys for the user. Login as user john and execute following commands:
  ssh-keygen -t rsa
chmod 700 ~/.ssh
cat ~/.ssh/id_rsa.pub > ~/.ssh/authorized_keys
chmod 400 ~/.ssh/authorized_keys
• If using putty for ssh login onto Windows, you should reformat private key with puttygen (open puttygen, load private key, click 'Save private key') and then use this reformatted provate key for putty login