This is an old revision of the document!
Upon logging in to your VPS for the first time, one of the first things you will want to do is change the default root password by typing “passwd” at the prompt. Don't forget this password as there is currently no way to recover it.
Additionally, the debian build comes with a generic account called 'testuser' that has a password of 'testuser'. This is a major security concern, so before you put your system online, you should either change the password, or even better, delete the account all together.
To change the password:
passwd testuser
To delete the account:
userdel testuser
It is a good habit to create a regular user account for working, using “su” to obtain root privileges as needed. To create a regular user account:
useradd -m <username>
This user will be able to perform administrative tasks by runing “su” to obtain superuser privileges using the root password.
dpkg-reconfigure tzdata
In your control panel at vps.sdf.org, note YOUR_IP (e.g. 192.94.73.255) on the top line, and YOUR_HOSTNAME (e.g. debian99).
Start your server, and log in via the console. (default= root:root)
Open /etc/network/interfaces in an editor and add the following, replacing the text YOUR_IP with your own actual IP number, add:
auto eth0 iface eth0 inet static address YOUR_IP netmask 255.255.255.0 network 192.94.73.0 broadcast 192.94.73.255 gateway 192.94.73.1 dns-nameservers 192.94.73.20
Add this to /etc/hosts:
YOUR_IP YOUR_HOSTNAME.sdf.org YOUR_HOSTNAME
Change /etc/hostname to:
YOUR_HOSTNAME
Run/Type:
/etc/init.d/networking restart
You may wish to add ssh access to your VPS. It is highly recommended that you disable root login via ssh and use a normal user account to login.
Run/Type:
apt-get install openssh-server
Edit /etc/ssh/sshd_config and change the line:
PermitRootLogin yes
To:
PermitRootLogin no
Now restart sshd by running/typing:
/etc/init.d/ssh restart
You can now test ssh by running “ssh user@localhost”.
Refer to the following article to see how to clean up (remove packages) from your VPS:
Disable IPv6:
# echo "blacklist ipv6" >> /etc/modprobe.d/blacklist
Edit rules:
# vi /etc/firewall
*filter -A INPUT -i lo -j ACCEPT -A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT -A OUTPUT -j ACCEPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7 -A INPUT -j REJECT -A FORWARD -j REJECT COMMIT
Load rules (now):
# iptables -F # iptables-restore < /etc/firewall
Load rules (boot):
# vi /etc/network/if-pre-up.d/firewall
#!/bin/sh /sbin/iptables-restore < /etc/firewall
# chmod 755 /etc/network/if-pre-up.d/firewall