### Getting Started
Log in as root. If you don't specify a user, ssh logs in with the current username on your machine.
ssh root@12.34.56.78
Change root password.
passwd
Add a new user and assign it to the sudo or admin group.
adduser user
usermod -a -G admin user
### Copy Public Key
Copy your public key to the new user's home directory on the host using secure file copy.
scp ~/.ssh/id_rsa.pub user@12.34.56.78:/home/user/
Create an .ssh directory, move the key into it as authorized_keys, and set the user's ownership and permissions.
mkdir /home/user/.ssh
mv /home/user/id_rsa.pub /home/user/.ssh/authorized_keys
chown -R user:user /home/user/.ssh
chmod 700 /home/user/.ssh
chmod 600 /home/user/.ssh/authorized_keys
### Configure SSH
Edit the config file.
vi /etc/ssh/sshd_config
Edit the following lines.
Port 30000
Protocol 2
PermitRootLogin no
PasswordAuthentication no
UseDNS no
AllowUsers user
Port: The port number can be any integer between 1025 and 65536 (inclusive). Note it for later reference, because it must not conflict with any additional listening processes you set up. The SSH port in your iptables rules must match the port above, otherwise you will not be able to access the server remotely.
AllowUsers: If you need to allow remote logins for more than one user, add the additional users to the AllowUsers setting separated by spaces.
### Configure the Firewall
Check the current firewall rules.
/sbin/iptables -L
Copy the rules template from a public Gist file.
curl https://raw.github.com/gist/407008/ > /etc/iptables.up.rules
Overwrite the existing rules with our new file.
/sbin/iptables-restore < /etc/iptables.up.rules
Verify that the rules are correct.
/sbin/iptables -L
Save the rules permanently.
iptables-save > /etc/iptables.up.rules
Edit the following file so that the rules are loaded on restart.
vi /etc/network/interfaces
Add this line:
pre-up iptables-restore < /etc/iptables.up.rules
After this line:
iface lo inet loopback
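
Before restarting SSH, it is worth confirming that the two files edited above agree, since a Port value the firewall does not admit, or an AllowUsers account without a key, locks you out once password logins are disabled. The script below is an added example, not part of the original guide; the function names are hypothetical and the default paths are the ones used in this guide.

```shell
#!/bin/sh
# Added example: lockout check to run before "service ssh restart".
# Function names are hypothetical; default paths are the ones used in this guide.

# Print the global value of an sshd_config keyword. Keywords are
# case-insensitive, the first value read wins, and Match blocks are skipped.
sshd_value() {  # usage: sshd_value FILE KEYWORD
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

# Succeed if an iptables-save style file has a single-port rule of the form
# "-A ... -p tcp ... --dport PORT ... -j ACCEPT" (ranges/multiport not handled).
rules_accept_port() {  # usage: rules_accept_port FILE PORT
    grep -Eq -- "^-A .*-p tcp .*--dport $2( .*)? -j ACCEPT" "$1"
}

# Return 0 only if the firewall admits the configured SSH port and, when
# password logins are off, every AllowUsers account has a non-empty key file.
check_ssh_lockout() {  # usage: check_ssh_lockout [CONF] [RULES] [HOME_BASE]
    conf=${1:-/etc/ssh/sshd_config}
    rules=${2:-/etc/iptables.up.rules}
    homes=${3:-/home}
    status=0
    port=$(sshd_value "$conf" Port)
    port=${port:-22}    # sshd listens on 22 when Port is not set
    if ! rules_accept_port "$rules" "$port"; then
        echo "FAIL: $rules has no ACCEPT rule for tcp port $port"
        status=1
    fi
    if [ "$(sshd_value "$conf" PasswordAuthentication)" = "no" ]; then
        for u in $(sshd_value "$conf" AllowUsers); do
            keys="$homes/${u%%@*}/.ssh/authorized_keys"
            if [ ! -s "$keys" ]; then
                echo "FAIL: $u cannot log in, $keys is missing or empty"
                status=1
            fi
        done
    fi
    return $status
}
```

Source the file as root and call `check_ssh_lockout` with no arguments to test the live files; any FAIL line should be resolved before restarting SSH.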
### Verify User Account and Customizations
Restart the SSH server so the new configuration takes effect.
service ssh restart
Log in as the new user from a new terminal tab or window.
ssh user@12.34.56.78 -p 30000
Add this line to the bottom of the bashrc file to add colors to the prompt.
vi ~/.bashrc
PS1='\[\033[0;32m\]\u\[\033[0;37m\]@\[\033[0;36m\]\h\[\033[0;33m\]\w\[\033[00m\]: '
Reload the file so the colors appear in the current session.
source ~/.bashrc