Initial Server Setup with CentOS 8
When you create a new CentOS Serverspace Cloud server you get a configured server with working network and SSH access to it. In this tutorial, we will walk through the steps for further server setup with CentOS 8.
Server connection
Connect to your new server via SSH using the instructions from your personal account for Windows or the following command for Linux:
Enter the IP address of your server instead of server_ip. If you selected an SSH key for authentication, the command will look like this:
Package upgrade
To update packages on the system, use the following command:
After the process is complete, you can clear the cache to free up disk space.
Creating new users
To use the server with other people, it's a good idea to create an individual account for each of them. To do this, use the following command (replace username with the name of new account):
To set a password for it:
And allow the new user to execute sudo commands:
Note that this will give the user big authority to manage the system, remove and install packages, and so on.
SSH configuration
If you have selected an SSH key for authentication, you can add a password method for other users. To do this, open the SSH daemon configuration file.
Find the PasswordAuthentication line and change it to yes.
To enable SSH key authentication (if it is disabled):
Now restart SSH service.
SSH key configuration
Another way to increase server security is to use SSH keys and disable the password for user authentication. To do this, each user must create a pair of public and private SSH keys on their local machine (It is a good idea to set a passphrase during key creation):
And copy them to the server.
When all users have configured authentication using SSH keys, you can set no for PasswordAuthentication in the /etc/ssh/sshd_config file.
Firewall configuration
To start the firewall and enable its autorun, use the following command:
You must add a permission rule for each service that you plan to use. For example, let's open the HTTPS port.
After adding the rules, reload firewalld.
It's a good idea to change the standard SSH port to reduce the risk of automatic password guessing. Open the /etc/ssh/sshd_config file. Uncomment the following line and change the value to 2266 for example:
Save and close the file. Add this port to the firewall and remove the default one.
firewall-cmd --permanent --zone=public --remove-service=ssh
firewall-cmd --reload
Then restart the service.
Add the port number to connect via SSH now:
Now the initial server setup with CentOS 8 is completed.