4 Powerful Tips to Secure Linux Server in CentOS
Secure Linux Server in CentOs, when you first access your new vps or dedicated server you should follow few steps to make Linux server more secure. First step is creating new user and disabling ssh login for root user, and modifying ssh port other than default port 22.
As from the below screenshot, you will see there are 8376 failed login attempts with in three days of time. So, that why it’s important to secure your linux server.
- How to Login Into Linux server using Command Line Terminal
- Installing LAMP Stack on CentOS7 Server
- 4 Easy Steps to Setup Linode VPS Server
1. Create New User
After Login, create new user with strong password and assign this new user with all root capabilities.
You can choose any name for this user.
/usr/sbin/adduser vivekAfter creating new user update password, enter this below command to set the password for newly created user. Add a strong password.
2. Update the Root Privileges
Now assign this new user “vivek” with all root capabilities and administrative privileges.
For that edit sudo configuration file, using an editor. Here I’m using VI editor.
Find the section called user privilege specification.
It will look like this:
# User privilege specification root ALL=(ALL) ALL
Under the details of root’s privileges, add the following line, granting all the permissions to your new user.
To began typing in vi, press “a”.
vivek ALL=(ALL) ALL
Press Escape stop editing the file
Press “:w” to save or write the file
Press :q to exit the file.
# User privilege specification root ALL=(ALL) ALL vivek ALL=(ALL) ALL
3. Configuring SSH
Here we will disable root logins and modify the SSH port to be other than default 22.
open SSH configuration file in your preferred editor, Here I’m using nano
It’s easy to edit with nano than vi
sudo nano /etc/ssh/sshd_config
Find the following code and change them according to below values :
Port 25000 Protocol 2 PermitRootLogin no UseDNS no
First of all we are changing the SSH port from default 22 to some other port 25000, you can use other ports which are free. Make sure you remember the new port number. You will need it to login in the future, and this change will make it more difficult for unauthorized people to log in. Without Correct SSH port no one can login into your Linux server.
PermitRootLogin: modify this value from yes to no to disable future root login. You can only login with new user login credentials.
Add this line to the bottom of the document, replacing demo with your username, this allows the specific user to login into SSH.
Save and Exit
4. Reload SSH Configuration
To apply new settings for SSH, use this below command.
service sshd reload
Don’t forget to include the new port number. Before closing the Previously connected (root login) SSH window, connect with new user and try once. If you can connect successfully, You can close the previous connection without any worry.
If you have any problem logging in new user, check each and every step from begining.
ssh -p 25000 firstname.lastname@example.org
After closing root connection, I tried to connect with root again. You can see response from server in below screenshot.
If you have any problem to secure your CentOS Linux Server, let me know through comment form below. This works both for CentOS6 & CentOS7 Linux Distributions.