# Secure a new computer | SSH

#### Secure new computer by creating a new user for the server/computer, then removing rights from root

This assumes that this is a new machine and that you are currently signed in as the root user. It works best with ***<span style="text-decoration: underline;">Ubuntu Server</span>*** but still work work to the most part in Mint

Add your new user. Lets pretend the user name we want to create is "serverman". enter any user name you want.

```bash
sudo adduser serverman
```

Or If you want to make your own UID:

```bash
sudo adduser --uid 1362 serverman
```

#### Check password file. Make sure the user is valid

`tail /etc/passwd`

#### Make user a Super User

`usermod -aG sudo serverman`  
Check to make sure that your new user is apart of ground "sudo" (super user).   
`groups serverman`

The output should show that it is now apart of the sudo group.

  
You could also, try

```
su - serverman
```

That will log you in using that name. now,

##### See if sudo works under new user

`sudo ls`

If that worked, Good!

Now, log out and then log back in under new user name, serverman (or whatever user name you created).

NEXT...

##### Install OpenSSH

If you don't have it yet

```bash
sudo apt install openssh-server
```

#### lock root access: disable root

Go into the ssh config file and change some settings.

```bash
sudo nano /etc/ssh/ssh_config
```

I like vim as my editor. If you don't know what nano is, look it up. "nano" text editor

Find and Set PermitRootLogin to "no"  
add to the file: "AllowUsers serverman"  
Save and exit.

Open a second SSH window. Test to make sure the new user name can sign in. If it doesn't YOUR SCREWED!

Complete removal (deletes home directory and mail):

```bash
sudo userdel -r username
```