Creating a user on a remote server and logging in over SSH without a password, in a few commands

Posted by s1akr on Sun, 01 Dec 2019 10:53:25 +0100

Upgrade package management system

First, use the following command to upgrade the package management system:

  • sudo apt-get update && sudo apt-get upgrade

Create users and configure account permissions

For the sake of server security, we should avoid using the root user to log in directly; instead, we should create a new user and use this user account to log in to the remote server:

On CentOS:

useradd oli # add new user
passwd oli # set the password
usermod -g root oli # set user to root group
# Then add the oli line to /etc/sudoers:
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
oli ALL=(ALL) ALL

Creating users on Ubuntu is simple. Use the adduser command:

# Add Account
$ adduser oli # Automatically adds the user oli to the group oli and creates /home/oli
# Adding user 'oli'
# Adding new group 'oli'
# Adding new user 'oli' with group 'oli'
# Creating home directory '/home/oli'
# Copying files from '/etc/skel'

# Fill in user personalized information
# Enter the new value, or press ENTER for the default
# Optional

Then authorize the user:

# User group
$ gpasswd -a oli sudo # Add oli to group sudo
# This gives oli part of root's higher privileges: commands can be run with elevated permission by entering the password
# Adding user oli to group sudo

# Modify profile
$ sudo visudo
# Under "User privilege specification", add a new line for oli below the root line:
oli ALL=(ALL:ALL) ALL
# Field by field:
# the rule applies on all hosts; oli can run commands as any user; oli can run commands as any group; the rule applies to all commands
# That is, with sudo oli can run any command that root can run, as long as the password is provided

Verify success

Open a new terminal session and connect remotely with the new account. Do not close the root window.

ssh oli@xxx

If the login fails, return to the root session right away and try restarting the ssh service: service ssh restart. This is why the root session should stay open for now.

At this point, the new user was created successfully.

SSH login without a password

Generate a private key and a public key and upload the public key to the server. At each login the keys are checked against each other automatically; if they match, the login succeeds.

(1) client configuration

$ ls ~/.ssh # If it is empty, no ssh key has been created yet. Otherwise there will be two files, id_rsa.pub and id_rsa

# New public key and private key
$ ssh-keygen -t rsa -b 4096 -C "oli@xxx.xxx" # Two files will be generated: id_rsa and id_rsa.pub

# agent
$ eval "$(ssh-agent -s)"
# Agent pid ...

# If running ssh-add /path/to/xxx.pem fails with "Could not open a connection to your authentication agent", run the following command first:
$ ssh-agent bash

# Add the key file to the agent
$ ssh-add ~/.ssh/id_rsa

(2) server configuration: the ~/.ssh/authorized_keys file

First carry out the client steps above, then create authorized_keys:

# Copy the public key information in the id_rsa.pub of the client to this file
$ vi ~/.ssh/authorized_keys

# File permission settings
$ sudo chmod 600 ~/.ssh/authorized_keys

# Restart ssh service
$ sudo service ssh restart

At this point, you can log in to the server over ssh without a password.
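The server-side step above as a script, added here as an example and not part of the original post: it rejects a pasted private key, appends the public key only once, and sets the modes that sshd's StrictModes check expects, since key login is refused when these paths are writable by group or others. The function names install_pubkey and perms_ok are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Helper names are hypothetical.

# install_pubkey HOME_DIR "PUBKEY_LINE"
# Returns 0 if the key is installed (or already present), 1 if rejected.
install_pubkey() {
  local home_dir="$1" key="$2"
  local ssh_dir="$home_dir/.ssh" auth="$home_dir/.ssh/authorized_keys"

  # Accept exactly one line, and never a private key pasted by mistake.
  [ "$(printf '%s\n' "$key" | wc -l)" -eq 1 ] || return 1
  case $key in
    *"PRIVATE KEY"*) return 1 ;;
  esac
  # Narrow scope: plain "type base64 [comment]" lines, no key options.
  case $key in
    "ssh-rsa AAAA"*|"ssh-ed25519 AAAA"*|"ecdsa-sha2-"*" AAAA"*) ;;
    *) return 1 ;;
  esac

  # Create the directory and file with restrictive modes from the start.
  ( umask 077; mkdir -p "$ssh_dir"; touch "$auth" )
  chmod 700 "$ssh_dir"
  chmod 600 "$auth"

  # Append only if this exact line is not already there (idempotent).
  grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# perms_ok HOME_DIR
# Succeeds only if the home directory, .ssh and authorized_keys all exist
# and none of them is group- or world-writable.
perms_ok() {
  local p mode
  for p in "$1" "$1/.ssh" "$1/.ssh/authorized_keys"; do
    [ -e "$p" ] || return 1
    mode=$(ls -ld "$p" | cut -c1-10)   # e.g. drwx------
    case $mode in
      ?????w????|????????w?) return 1 ;;   # group or other write bit set
    esac
  done
}
```

Run it as the new user on the server, for example `install_pubkey "$HOME" "$(cat id_rsa.pub)"` followed by `perms_ok "$HOME"`, before closing the root session.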


Topics: Linux ssh sudo CentOS Ubuntu