4 Powerful Tips to Secure Linux Server in CentOS

Secure Linux Server in CentOs, when you first access your new vps or dedicated server you should follow few steps to make Linux server more secure. First step is creating new user and disabling ssh login for root user, and modifying ssh port other than default port 22.

As from the below screenshot, you will see there are 8376 failed login attempts with in three days of time. So, that why it’s important to secure your linux server.

1. Create New User

After Login, create new user with strong password and assign this new user with all root capabilities.

You can choose any name for this user.

/usr/sbin/adduser vivek
Secure Linux Server in CentOS

Adding User in CentOS

After creating new user update password, enter this below command to set the password for newly created user. Add a strong password.

passwd vivek
Secure Linux Server in CentOS

Updating Password for Previously Created User

2. Update the Root Privileges

Now assign this new user “vivek” with all root capabilities and administrative privileges.

For that edit sudo configuration file, using an editor. Here I’m using VI editor.

/usr/sbin/visudo
Secure Linux Server in CentOS

Updating Sudo Configuration File

Find the section called user privilege specification.

It will look like this:

# User privilege specification
root    ALL=(ALL)       ALL

Under the details of root’s privileges, add the following line, granting all the permissions to your new user.

To began typing in vi, press “a”.

vivek    ALL=(ALL)       ALL

Press Escape stop editing the file
Press “:w” to save or write the file
Press :q to exit the file.

# User privilege specification
root    ALL=(ALL)       ALL
vivek    ALL=(ALL)       ALL
Secure Linux Server in CentOS

File should look like this screenshot

3. Configuring SSH

Here we will disable root logins and modify the SSH port to be other than default 22.

open SSH configuration file in your preferred editor, Here I’m using nano
It’s easy to edit with nano than vi

sudo nano /etc/ssh/sshd_config

Find the following code and change them according to below values :

Port 25000
Protocol 2
PermitRootLogin no
UseDNS no

First of all we are changing the SSH port from default 22 to some other port 25000, you can use other ports which are free. Make sure you remember the new port number. You will need it to login in the future, and this change will make it more difficult for unauthorized people to log in. Without Correct SSH port no one can login into your Linux server.

Secure Linux Server in CentOS

Your file should be same as the one in Screenshot

PermitRootLogin: modify this value from yes to no to disable future root login. You can only login with new user login credentials.

Secure Linux Server in CentOS

Disable Root Logins

Secure Linux Server in CentOS

Disable DNS Usage for SSH

Add this line to the bottom of the document, replacing demo with your username, this allows the specific user to login into SSH.

AllowUsers vivek
Secure Linux Server in CentOS

Add this line at bottom of the file

Save and Exit

4. Reload SSH Configuration

To apply new settings for SSH, use this below command.

service sshd reload
Secure Linux Server in CentOS

Reload SSH Configuration Settings

Don’t forget to include the new port number. Before closing the Previously connected (root login) SSH window, connect with new user and try once. If you can connect successfully, You can close the previous connection without any worry.

If you have any problem logging in new user, check each and every step from begining.

ssh -p 25000 vivek@45.79.179.85
Secure Linux Server in CentOS

Don’t Forget to Include Port Number

After closing root connection, I tried to connect with root again. You can see response from server in below screenshot.

Secure Linux Server in CentOS

Tried to Login Using Root User

If you have any problem to secure your CentOS Linux Server, let me know through comment form below. This works both for CentOS6 & CentOS7 Linux Distributions.

Vivek Vengala
 

Vivek Vengala is a Online Entrepreneur, Web Developer from Hyderabad India.

Click Here to Leave a Comment Below 0 comments

Leave a Reply:

x

Join My Facebook Group to Receive Coding Tutorial for Free

email-subsribe