Centos 7 | Initial Setup – Part 1

by / Monday, 21 July 2014 / Published in Centos 7

Centos 7 | List all installed packages and running services

Today we will be looking at exactly what is installed on our newly provisioned VPS which Digital Ocean has created for us. We will also be looking at which default users exsist, create a new user and add that user to the sudoers group.

Step 1: Login as root & change password

Once a connection is established you will be prompted with the following;
As you can see Digital Ocean’s provisioned server has reset root password enabled on first login. This is pretty cool and adds a layer of security, locking them out of your server. Follow the instructions and change that password immediately.

Step 2: List users and groups

Let’s see which users are created by default on Centos 7.

This will list all users created initially. You should see something similar to this;

Step 3: Add New User

No that we have a list of users, let’s create a new user. This user account will serve the purpose of logging into the VPS and running administrative as well as maintenance tasks. This way we can disable root login and add an additional layer of security. In this example, you can replace your-username with whatever you choose as the username.

When we add a new user in Linux with ‘useradd‘ command it gets created in locked state and to unlock that user account, we need to set a password for that account with ‘passwd‘ command.

Once a new user created, it’s entry is automatically added to the ‘/etc/passwd‘ file. The file is used to store users information and the entry for the newly added user will look something like this;

Step 4: Add newly created user to sudoers

Now that you have a new user on your system, you need to decide if this user should be able to perform administrative tasks with sudo. If the user you created will be your primary user on the system, you usually want to enable sudo privileges so that you can do routine configuration and maintenance.

All changes made to any sudo user needs to be made using the ‘visudo’ command. Invoking this command will open the ‘/etc/sudoers’ file in VI

Once the file is open, type

This will display the line numbers in the file. At around line number 97 you will see

We will need to now add your newly created user to this list in order for that user to have administrative privileges. add the following to a newline. Press ‘Shift & I” to insert new text.

Once completed, press escape, then  “:wq” this will write the new text to the file and quit out of VI.

Next, you would need to test if you are able to login to your VPS with the newly created user account. Open a new terminal window login using the root account, you should be prompted for the password for root like you usually do, but this time you will get the following error.

Step 5: Disable root login

As a further layer of security, I usually disable the root user from logging into any of my VPS’s. To do this all you need is to edit the ‘/etc/ssh/sshd_config’ file in vi. Make sure you are the root user when editing this file.

Exit and save (:wq).

Finally, test in a new terminal window if you are able to do the following;

  1. Login as root – It’s expected that you won’t be able to
  2. Login as the new user you created – This should work

Hope this was helpful. Our next post will be dealing with how to setup and install Apache, MySQL and PHP.

TOP