Because a develop the resource EVILEG, I decided to move it to the domain COM, and transfer the website from CMS Wordpress to the framework Django. With Ruby On Rails somehow it did not work out, but with the Django process has gone almost immediately.
I did not choose another hosting, and I stayed with the current hosting TIMEWEB , by the way recommend to those who have not yet decided on his future hosting VDS.
And now we go to the initial setting up access to VDS, which provides TIMEWEB.
Step 1 - Root Login
Once the system is installed from a VDS Management Console, on your mailbox, which was specified during registration, automatic letter comes from the provider, which will contain:
- IP-address of your server
- login: root
With this data, you can connect to your site via ssh:
root user - a user with the maximum permissions that can run any command, including one that could destroy valuable data on your server / PC. Therefore, it is recommended for daily use to work as user with restricted rights. And the execution of commands with elevated privileges by producing sudo utility, which provides access to commands for users who are in the group sudo users.
Step 2 - Creating a user with Root privileges
Once we connect to the server under user root, need to create user who will work with elevated privileges through the use of the sudo utility. It will also be an additional security measure, because then we will disable access to the server for the user root.
Add user to sudo group:
usermod -aG sudo username
Step 3 - adding the public key SSH authentication
Now we have a user that will work, but despite the fact that the connection via SSH is encrypted, it is still not safe, because the server can be broken brute force, that is brute force. Therefore, set up a connection via SSH keys.
We generate the key on the local machine, ie the one which will be accessing the VDS:
Add it to the VDS server
Then check the access to our server as a new user using the encryption keys:
If everything was done correctly, you will already be able to get to the VDS authenticate using SSH keys.
Step 4 - Configuring SSH access to VDS
Once we got to the server using SSH keys, we can only deny access with a password and direct access of the user root. To do this, edit the configuration file to the SSH server:
sudo nano /etc/ssh/sshd_config
Locate the following two lines to the file and bring them to the mind, as shown in this article:
PermitRootLogin no PasswordAuthentication no
Then restart the SSH service, and setting up access over:
sudo systemctl reload sshd