Shulou(Shulou.com)06/01 Report--

This article mainly explains the "preliminary configuration steps of the Linux server in the Ubuntu/Debian system". The content of the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn the "preliminary configuration steps of the Linux server in the Ubuntu/Debian system".

The following operation is for Debian/Ubuntu systems, and other Linux systems are similar, except that some of the commands are slightly different.

Step 1: root user login

First, log in to the remote host using the root user (assuming the IP address is 128.199.209.242).

Ssh root@128.199.209.242

At this point, a warning appears on the command line indicating that this is a new address and that there is a security risk. Type yes to accept. Then, you should be able to log in to the remote host smoothly.

Next, change the password of the root user.

Passwd

Step 2: create a new user

First, add a user group (assumed to be the admin user group here).

Addgroup admin

Then, add a new user (assuming bill).

Useradd-d / home/bill-s / bin/bash-m bill

In the above command, parameter d specifies the user's home directory, parameter s specifies the user's shell, and parameter m means that if the directory does not exist, the directory is created.

Next, set the password for the new user.

Passwd bill

Add a new user (bill) to the user group (admin).

Usermod-a-G admin bill

Next, set sudo permissions for the new user.

Visudo

The visudo command opens the sudo settings file / etc/sudoers and finds the following line.

Root ALL= (ALL:ALL) ALL

At the bottom of this line, add another line.

Root ALL= (ALL:ALL) ALLbill ALL= (ALL) NOPASSWD: ALL

The NOPASSWD above says that you don't need to enter a password when switching sudo, and I like it easier. For security reasons, you can also force a password.

Root ALL= (ALL:ALL) ALLbill ALL= (ALL:ALL) ALL

Then, log out of the root user, and then log in as the new user to check that everything is all right so far.

Exitssh bill@128.199.209.242

Step 3: SSH setting

First, make sure that the machine has a SSH public key (usually a file ~ /. Ssh/id_rsa.pub), and if not, use the ssh-keygen command to generate one (see my SSH tutorial).

Open another shell window on the local machine and copy the local public key to the server's authorized_keys file.

Cat ~ / .ssh/id_rsa.pub | ssh bill@128.199.209.242 'mkdir-p. Ssh & & cat-> > ~ / .ssh/authorized_keys'# or on the server side, run the following command echo "ssh-rsa [your public key]" > ~ / .ssh/authorized_keys

Then, go to the server and edit the SSH configuration file / etc/ssh/sshd_config.

Sudo cp / etc/ssh/sshd_config ~ sudo nano / etc/ssh/sshd_config

In the configuration file, change the default port 22 of SSH to any integer between 1025 and 65536 (25000 is assumed here).

Port 25000

Then, check that several settings are set to the following, and make sure the previous # sign is removed.

Protocol 2PermitRootLogin noPermitEmptyPasswords noPasswordAuthentication noRSAAuthentication yesPubkeyAuthentication yesAuthorizedKeysFile .ssh / authorized_keysUseDNS no

The above is mainly to prohibit root users from logging in, as well as to prohibit login with passwords.

Next, at the end of the configuration file, specify the users who are allowed to log in.

AllowUsers bill

After saving, exit the file editing.

Next, change the permissions of the authorized_keys file.

Sudo chmod 600 ~ / .ssh/authorized_keys & & chmod 700 ~ / .ssh/

Then, restart SSHD.

Sudo service ssh restart# or sudo / etc/init.d/ssh restart

The next step is optional. Create a config file under the native ~ / .ssh folder as follows.

Host s1HostName 128.199.209.242User billPort 25000

Finally, open another shell window on the local machine to test whether SSH can log in successfully.

Ssh s1

Step 4: run the environment configuration

First, check the locale of the server.

Locale

If the result is not en_US.UTF-8, it is recommended to set it.

Sudo locale-gen en_US en_US.UTF-8 en_CA.UTF-8sudo dpkg-reconfigure locales

Then, update the software.

Sudo apt-get updatesudo apt-get upgrade

Finally, according to the needs, do some security settings, such as building a firewall, closing ports other than HTTP, HTTPs, SSH, which will not be introduced here.

Thank you for reading, the above is the content of "preliminary configuration steps of Linux server in Ubuntu/Debian system". After the study of this article, I believe you have a deeper understanding of the preliminary configuration steps of Linux server in Ubuntu/Debian system, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.