Initial Server Setup with CentOS 8
When you create a new CentOS Serverspace Cloud server you get a configured server with working network and SSH access to it. In this tutorial, we will walk through the steps for further server setup with CentOS 8.
Connect to your new server via SSH using the instructions from your personal account for Windows or the following command for Linux:
Enter the IP address of your server instead of server_ip. If you selected an SSH key for authentication, the command will look like this:
ssh root@server_ip -i path/to/ssh/key
To update packages on the system, use the following command:
After the process is complete, you can clear the cache to free up disk space.
dnf clean all
Creating new users
To use the server with other people, it’s a good idea to create an individual account for each of them. To do this, use the following command (replace username with the name of new account):
To set a password for it:
And allow the new user to execute sudo commands:
usermod -aG wheel username
Note that this will give the user big authority to manage the system, remove and install packages, and so on.
If you have selected an SSH key for authentication, you can add a password method for other users. To do this, open the SSH daemon configuration file.
Find the PasswordAuthentication line and change it to yes.
To enable SSH key authentication (if it is disabled):
Now restart SSH service.
systemctl restart sshd
SSH key configuration
Another way to increase server security is to use SSH keys and disable the password for user authentication. To do this, each user must create a pair of public and private SSH keys on their local machine (It is a good idea to set a passphrase during key creation):
And copy them to the server.
When all users have configured authentication using SSH keys, you can set no for PasswordAuthentication in the /etc/ssh/sshd_config file.
To start the firewall and enable its autorun, use the following command:
systemctl enable --now firewalld
You must add a permission rule for each service that you plan to use. For example, let’s open the HTTPS port.
firewall-cmd --permanent --add-service=https
After adding the rules, reload firewalld.
It’s a good idea to change the standard SSH port to reduce the risk of automatic password guessing. Open the /etc/ssh/sshd_config file. Uncomment the following line and change the value to 2266 for example:
Save and close the file. Add this port to the firewall and remove the default one.
firewall-cmd --add-port=2266/tcp --permanent
firewall-cmd --permanent --zone=public --remove-service=ssh
Then restart the service.
systemctl restart sshd
Add the port number to connect via SSH now:
ssh root@server_ip -p 2266
Now the initial server setup with CentOS 8 is completed.