This tutorial covers the basics of server set up with Arch Linux. By the end of this tutorial, you will be able to:
- Set up a new user with root privileges
- Configure SSH for making secure connection
- Access your virtual private server with new user
For logging in as the main user- root, you should have your IP address and root password. If you are on Mac, you can choose Terminal to log in and if you are on a PC, you should have PuTTY – an SSH client installed on your system. In this tutorial we will be using a Mac.
As you know, we don’t always use root login for all purposes. Hence an alternative user login to the virtual private server is highly recommended. This tutorial will teach you how to set up a new user for VPS login.
On the terminal screen, you will see the following:
The authenticity of host '188.8.131.520 (184.108.40.2060)' can't be established.
ECDSA key fingerprint is 79:95:46:1a:ab:37:11:8e:86:54:36:38:bb:3c:fa:c0.
Are you sure you want to continue connecting (yes/no)?
Enter Yes and type in your root password.
Changing Your Password
At present, the root password will be the default password that was given you while registering your droplet. You can change the password as you wish.
Creating a New User
Once you have logged in and changed your password, you can now proceed to create a new user for VPS and grant all root privileges for the new user. Here, I will be using exampleuser1 as user name. You can change it as you prefer.
useradd -m exampleuser1
The “-m” in the command is for making a home directory for your newly created user.
For changing the new user’s password, you can use the passwd command as given below:
Granting Root Privileges for the User
Here, we will show you how to grant root privileges for the new user. The root privileges are essential for all the administrative capabilities in virtual servers.
Just like ‘su’, sudo command is an alternative for running commands as root. The benefit of using sudo command is that, it enables root privilege only when it is required, there by reducing the chance of a typo or an error in the invoked command. Also it logs all the commands and the failed attempts to a file ‘/var/log/secure’ for security auditing. So, make sure you are using the sudo command while performing root tasks with the newly created user.
Before proceeding with the sudo configuration, there are a couple of things to bear in mind:
- The text editor used for configuration file does not accept arrow keys. So you need to use specific keys for navigation.
- Use ”j” for moving down
- Use “k” for going up
- “h” for left and
- “l” for right
- Press “a” to begin editing of text
- Press “esc” and then ”x” for deleting text
Open the file.
Search for the ‘user privilege specification’ and update it with command for granting all the permissions to the newly created user (exampleuser1 in our case).
# User privilege specification
root ALL=(ALL) ALL
exampleuser1 ALL=(ALL) ALL
After updating, save the file and exit.
SSH stands for Secure Shell and it is used to log into a remote server and execute commands.
Open the ssh configuration file with this command.
Search for the following snippet and update the information where ever necessary. You can uncomment the lines to reflect the changes that you have made. If you skipped uncommenting, the changes may not come into effect.
Note: use combination of keys ctrl+W to search for the words in the file.
Here, I have updated the port to 25000. Even though port 22 is the default port, you can change it to any number between 1025 and 65536. However, you need to remember the port number for future log-ins.
Search for PermitRootLogin and change it from ‘yes’ to ‘no’. This will prevent root login in the future. Now you only need to login with the new user.
Now the configuration changes are done. You can restart and reload SSH so as to implement the new port and settings.
systemctl restart sshd
It’s time to test out the new settings by opening a new terminal window and logging in with the newly created user details. Make sure that you entered the new port number.
ssh -p 25000 [email protected]
Now your system prompt will look like this:
[[email protected] ~]$
You have logged in successfully to your virtual private server with the new user and you can opt to exit out of root now.