Initial settings of a CentOS 7 VPS server

I

The basic settings of a VPS server with CentOS 7 are similar to those in Ubuntu. The steps below will increase server security with CentOS 7. I must specify that all tests and installations from both this article and the following are made on a VPS server purchased from mvps.net but should work smoothly on any VPS server or dedicated with CentOS. At the same time, the system I connect to the server is Linux, but probably the same commands also work for Windows with Putty.

Step 1 – connect as root

The first connection will be made through ssh as root, using the public IP address of the server:

ssh root@SERVER_IP_ADDRESS

You will be asked if you sure you want to continue connecting (yes/no)? You will type yes and then you will be prompted for the root password on the VPS server (no keystrokes will appear when typing the password, so be careful when pressing the keys).

About root

Superuser (or root) is the user with administrative rights in a Linux environment. For this reason, it is not recommended to use the root account for current activities on a Linux server – using the root user, a simple accident/inadvertently destroys a Linux server.

Step 2 – Add a new user

Just because the root superuser can cause inconvenience, it is advisable to add a normal user to which we will then grant root privileges. The command below will create the demo user:

adduser demo

We will set the new user’s password with the command:

passwd demo

We will be asked to enter the chosen password twice:

# passwd demo

Changing password for user demo.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Step 3 – Setting the administrative privileges for the new user

At this moment, we have the superuser root and the demo user with the usual privileges on the server. We need to grant administrative privileges to the new user. For this, we will add the new demo user to the wheel group:

gpasswd -a demo wheel

Now, the demo user can execute commands with root privileges using sudo before the command itself. As a minimal CentOS 7 server, the sudo command is not installed; as a root, we will run the command:

yum install sudo

To check the new user’s privileges, we will change from the root user to the demo user with the command:

su – demo

Now, we’ll find ourselves in the demo user’s home directory.

Our CentOS 7 system is outdated. For verification, we will issue the /etc/*-release command.
It is necessary to update the system with the command sudo yum update (so we also check the functioning of the administrative rights for the newly created demo user).

Step 4 – Configure the SSH daemon

We need to secure the new server a bit, forbidding the connection as root through ssh. This will only be allowed for the new demo user. To avoid using the vi editor, we will install nano:

sudo yum install nano

With nano, we will edit the following file:

sudo nano / etc / ssh / sshd_config

We will look for the line (remind: searching in the nano text editor is done by pressing CTRL + W):

#PermitRootLogin yes

We will break this line by wiping the # character and write no instead of yes to look like this:

PermitRootLogin no

Recharging SSH

This change requires reloading the SSH daemon:

sudo systemctl reload sshd

Before we log out of the server, we need to check the new settings. We will open a new terminal and we will type:

ssh root@SERVER_IP_ADDRESS

We should receive a message like the one below:

Permission denied, please try again.

Next, we will write the following command to connect with the newly created demo user:

ssh demo@SERVER_IP_ADDRESS

We should connect now to our VPS server with CentOS 7 without any problems.

Step 5 – Setting the timezone

Once connected to the VPS server, we give the date command and we will receive a message that shows the time of the server. As it is not the one we want, we need to tell the server what date and time it actually is and use the timedatectl command:

sudo timedatectl set-timezone continent/country

At a new data command or sudo timedatectl, we will get the answer with the correct date and time.

Set up NTP sync

We want our VPS server with CentOS 7 to be constantly upgraded with the accurate time. To do this, we will install NTP with the following command:

sudo yum install ntp

We also need to start the service for the current session and enable it to start at each server restart:

sudo systemctl start ntpd
sudo systemctl enable ntpd

Recent Posts

Archives

Categories