Skip to main content

Secure a new computer | SSH

Secure new computer by creating a new user for the server/computer, then removing rights from root

This assumes that this is a new machine and that you are currently signed in as the root user.

Add your new user. Lets pretend the user name we want to create is "serverman". 
sudo adduser serverman   enter any user name you want. 

Check password file. Make sure the user is valid

tail /etc/passwd

Make user a Super User

usermod -aG sudo serverman
Check to make sure that your new user is apart of ground "sudo" (super user). 
groups serverman

The output should show that it is now apart of the sudo group.
Now, log out and then log back in under new user name, serverman (or whatever user name you created).

See if sudo works under new user

sudo ls

If that worked Good! NEXT...

lock root access: disable root

Go into the ssh config file and change some settings.
sudo nano /etc/ssh/sshd_config I like vim as my editor. If you don't know what nano is, look it up. "nano" text editor 

Find and Set PermitRootLogin to "no"
add to the file: "AllowUsers serverman"
Save and exit.

Open a second SSH window. Test to make sure the new user name can sign in. If it doesn't YOUR SCREWED!

No Comments
Back to top