Skip to main content

How to Create a New User in CentOS

By

 How to Create a New User in CentOS 

In this article, we’re going to show you how you can create a new user in CentOS Cloud Servers. This is a task you will want to complete as soon as possible during your initial VPS setup phase, because you are advised against using the default “root” user account for your daily tasks. Below, we will also show you how to: 

  • How to Create a New User in CentOS 

  • Disallow Root Logins 

  • Login with SSH Keys 

  • Next Steps 


How to Create a New User in CentOS 

Remember that we are currently assuming the root user when first logging into the VPS. Without a superuser account, these commands would require that you add “sudo” at the beginning of the command line to run properly. 

Be sure to substitute your custom username in place of “username” as used below. 


Step 1: Create the user with this command: 



Step 2 : Assign a secure password for this user: 


Step 3: Add the user to the wheel group: 


Now we have a new user who belongs to the “wheel” group. Being in the wheel group means that the user can assume root privileges, when necessary, by adding “sudo” before any command that requires elevated privileges. 



Disallow Root Logins 


As an extra security step after you create a new user, you can disallow root logins over SSH. To do this, you can log in again as the root user or stay logged in from the session above to edit your SSH configuration file. 


Step 1: Edit the configuration file with your preferred text editor (Nano, Vim, Vi, etc.): 



Step 2: Edit the line that begins with PermitRootLogin: 


Step 3: Save and exit the file. 

Step 4: Restart your SSH service: 


How to Login with SSH Keys 


This is very important to set up because your account automatically disables password authentication. This means you will need to log in with SSH keys to use your new user. 

 

Step 1: Switch to your new user if still logged in as root: 


Step 2: Change directory to home: 


Step 3: Make an .ssh directory: 


Step 4: Navigate into the new .ssh directory and create an authorized keys file: 


Step 5: Paste your public key into the authorized_keys file. This would be everything in the

.pub file from your current SSH key. 


Step 6: Change permissions for the .ssh directory: 



Step 7: Change permissions for thauthorized_keys file: 




Next Steps 

Make sure to test your new login in a separate terminal window before logging out of the root user. If there are any issues, you can resolve them in that terminal session. Once you’ve completed this task, consider taking additional steps to secure your Linux server. Change the default SSH port from 22 to uncommonly used port to defend against malicious port scans and SSH-based cyber-attacks. Learn how to audit your web server logs or implement a security event management application to track SSH login attempts.


Comments

Post a Comment

Popular posts from this blog

Office 365: How to force users to change their password /O365

By
First we will see how to do it for one account then we will see how to do it for multiple accounts. 1. Install Prerequisites:       We will need MSOnline module to connect to Office 365 with PowerShell.         Open a PowerShell prompt with administrator rights : 2. Install MSOnline module :               It will Also install NuGet Provider , accept and yes to continue.   3.Connect to Office 365     Use Connect-MsolService  to open the Microsoft Office 365 sign in window :       Now a Pop Up windows will open For Microsoft Oath2 Security , Name and password of Administrative user or Global admin must be given here for making any changes.     4.Reset user password :           4A.Force new password :                        With this command we can set a password for a...
Post a Comment
Read more

How to Reset Forgotten Password on Kali Linux

By
          Kali Linux is a Linux distribution used in the Cybersecurity domain. It is maintained and funded by Offensive Security. Kali Linux is Debian based and it uses the Debian repository for most of its packages. This Linux distribution is designed for digital forensics and penetration testing. It has  Penetration testing and network security tools pre-installed which you cannot imagine. It is completely free and open source. So you can use it for free and even contribute to its development.         Now forgetting login credentials is an annoying thing in the case of any operating system. Resetting forgotten passwords often comes with the risk of data loss and requires a lot of effort if you are not a technology enthusiast. This article will be a simple step-by-step guide on resetting forgotten passwords on Kali Linux. How to Reset Forgotten Password on Kali Linux?           In this section, we will ...
Post a Comment
Read more

How to create a “Let’s Encrypt” certificate on Windows ,

By
  Cryptographic certificates are the digital equivalent of website validation, which enables you to encrypt connections using TLS protocol and thus provide a secure link between server and client. There are both paid and free certification centres. Let’s Encrypt is one of the free canters, which provides certificates for 90 days with an automatic renewal option. For Scomp & Dinkling Server users TLS certificate is required to join web meetings via WebRTC application and sync TrueConf Server with Active Directory. Table of Contents Step 1: Getting started. Step 2: Creating a certificate.     Step 1: Getting started. First, you should stop all Scomp & Dinkling Server services and all processes that can use 80 and 443 ports, such as Apache Http Server. To create a TLS certificate on Windows, download the ACME Simple (WACS) program. Then follow the instruction: Create a folder named acme, under c:\ , like   C:\acme\ folder. Extract the do...
Post a Comment
Read more