ユーザアカウント作成とアクセス権設定
Nid: 1141
- サーバへssh接続。
$ ssh root@xxxxxxxxx.ip-51-68-xxx.eu
- root パスワード変更
# passwd Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
- rootでのsshログイン不許可設定
# sed -i.org -e "s/^PermitRootLogin yes/#PermitRootLogin yes/" /etc/ssh/sshd_config # diff /etc/ssh/sshd_config.org /etc/ssh/sshd_config < PermitRootLogin yes --- > #PermitRootLogin yes
- ユーザ作成とsudo設定
# useradd -d /home/<username> -s /bin/bash -m <username> # passwd <username> Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully # usermod -aG sudo <username>
- アップグレードおよびリブート。
# apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade && apt-get -y autoremove # reboot
- root でsshできないことを確認。
$ ssh root@xxxxxxxx.ip-51-68-xxx.eu root@xxxxxxxx.ip-51-68-xxx.eu's password: Permission denied, please try again.
- 作成した一般ユーザでアクセスできることを確認
$ ssh -o "ServerAliveInterval 60" username@xxxxxxxx.ip-51-68-xxx.eu
- 環境確認
$ uname -a Linux ns3130598 4.15.0-42-generic #45-Ubuntu SMP Thu Nov 15 19:32:57 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ cat /etc/issue Ubuntu 18.04.1 LTS Linux ubuntu 4.15.0-42-generic #45-Ubuntu SMP Thu Nov 15 19:32:57 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux ...
$ sudo netstat -tulnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1375/named tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 1231/systemd-resolv tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1614/sshd tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1375/named tcp6 0 0 ::1:53 :::* LISTEN 1375/named tcp6 0 0 :::22 :::* LISTEN 1614/sshd tcp6 0 0 ::1:953 :::* LISTEN 1375/named udp 0 0 127.0.0.1:53 0.0.0.0:* 1375/named udp 0 0 127.0.0.53:53 0.0.0.0:* 1231/systemd-resolv udp6 0 0 ::1:53 :::* 1375/named