This article helps you change the following items if your cloud provider didn't do that for you.
- Create your own account instead of root.
- Disable password login and force to use SSH key to log in.
- Disable root account.
Before starting the process, make sure you have a valid SSH key-pair locally.
Fist, connect to the server. (With root password).
you@local $ ssh root@server
Add a new user for you. (With password)
root@server $ sudo adduser anduin Adding user `anduin' ... Adding new group `anduin' (1000) ... Adding new user `anduin' (1000) with group `anduin' ... Creating home directory `/home/anduin' ... Copying files from `/etc/skel' ... New password: Retype new password: passwd: password updated successfully Changing the user information for anduin Enter the new value, or press ENTER for the default Full Name : Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] Y
Give the user root privilege.
root@server $ usermod -aG sudo anduin
Test the new user's privilege.
root@server $ su - anduin anduin@server $ sudo ls [password]
Back to your local machine. Copy the SSH public key to your server.
you@local $ ssh-copy-id anduin@server anduin@server's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'anduin@server'" and check to make sure that only the key(s) you wanted were added.
And test if you can connect to it.
you@local $ ssh anduin@server
Now disable root sign in and password authentication.
anduin@server $ sudo vim /etc/ssh/sshd_config
no to disable the root user login. And change
no to prevent the password login.
To skip password for your account, consider execute:
anduin@server $ sudo visudo
And add the following line at the end of the file:
anduin ALL=(ALL) NOPASSWD:ALL
Don't forget to delete the obsolete user if the provider created it. (Don't delete the root user)
anduin@server $ sudo deluser default
Reboot the server.
anduin@server $ sudo reboot
And now the server can only access from you and can not log it in through password or the root account.
Finally, you can still do some further configuration. Like switching the timezone to UTC:
To switch to UTC, simply execute
sudo dpkg-reconfigure tzdata, scroll to the bottom of the Continents list and select
None of the above; in the second list, select
UTC. If you prefer GMT instead of UTC, it's just above UTC in that list.
To benchmark the CPU:
anduin@server $ sudo apt-get install sysbench $ sysbench cpu run