This content originally appeared on DEV Community and was authored by MUHAMMAD ARBAB ANJUM
Log in to your server
Once your machine is up and running SSH to the server.
ssh root@IP.x.x.x
OR
ssh -i key.pem root@IP.x.x.x
System Update/Upgrade
Now we are inside the machine, update and upgrade the system.
sudo apt update -y
sudo apt upgrade -y
Change Password
Once system has been updated/upgraded You can change your password (optional)
passwd
Add a new non-root user and add it to sudoers
sudo usermod -aG sudo username
sudo -l -U username #Verify the user has sudo access
OR
useradd -m -s /bin/bash username
groups username
usermod -aG sudo username
Set password for new user
sudo passwd username
Now log in as a new user:
ssh username@192.IP.IP.IP
Authenticate using SSH and Restrict Password Login
ssh-keygen -t ed25519 -C "user@domain.com"
To view all public keys
Windows: C:\Users\YourUser\.ssh\id_ed25519.pub
Linux: cat ~/.ssh/id_ed25519.pub
Copy the content of the public(.pub) key file. Paste the public key into the file.
nano ~/.ssh/authorized_keys
Now add it to the ssh utility
ssh-add -k ~/.ssh/id_ed25519
Disable password login if you only want authentication using ssh only.
sudo nano /etc/ssh/sshd_config
Search for: PasswordAuthentication=no
For root user: PermitRootLogin=no
Now restart the ssh service:
sudo service ssh restart
OR
sudo systemctl restart ssh
Login With ssh
ssh username@IP.x.x.x
Secure server with firewall
This content originally appeared on DEV Community and was authored by MUHAMMAD ARBAB ANJUM