How to set up a webserver: Unterschied zwischen den Versionen

Aus hyperdramatik
Zur Navigation springen Zur Suche springen
Zeile 100: Zeile 100:


  sudo systemctl restart sshd
  sudo systemctl restart sshd
If you have a mac just follow the video tutorial on this [https://www.linode.com/docs/guides/securing-your-server/, website].

Version vom 8. Februar 2021, 21:40 Uhr

What do you need?

  • an account at Linode
  • a credit card to pay for linode - it is about 7 Euro a month not for free
  • the freeware mobaXterm if you are on windows, cyberduck if mac
  • a bit of pactience

first easy steps

1. make a linode account

2. download mobaXterm/cyperduck and install

rent the linode and set up a environment to interact with it

Login in to your Linode account and hit the create button

For testing purposes start with the Nanode for 5$ - if you need something more beefy feel free to rent a more expensive linode.

Choose Debian 10 as operating system and as Region Frankfurt or the region that makes sense for you.

Give it a name and go through the process, remember your password.

Congrats, you are renting a tiny bit of a computer in Frankfurt.

So now we have to learn to make it secure and communicate with our rented beauty.

You need the IP-Address of your Linode. If you click in the browser on Linodes and than on its name you should see an overview. If you choose Frankfurt as a region the IP should start with 172.

So open mobaXterm it is the tool we will access our server with.

Create a new session and hit the SSH button.

Enter your IP as Remote Host and root as username and then ok.

And now enter your root password.

You are logged in to the console of your linode.

Then create a new user by typing this command

adduser bernadette

for this example I will call the new user bernadette just replace her for your favorite name could be yours:

And hit enter

Choose a password and enter it twice. You don´t need to give your user any more informations just hit enter four times

Now we make Bernadette to a superuser with all rights to interact with this command.

adduser bernadette sudo


Ok now you could close the session and make a new SSH Session this time you use the same IP for Remote host but for user you use bernadette and than your newly created password.

So now things get a bit more complicated but mobaXterm is your friend.

We have to create a key for login. So that just we from our computer could access our linode.

In mobaXTerm go to tools and then SSH Key Generator. Hit Generate and then give it a key passphrase(basically a password). Save the private key to a location on your pc. It is important if this file gets lost after this setup you have to set up your linode again from the beginning.

DON’T close the key generator window after you saved your private key.

Go back to the session window and type this command.

mkdir ~/.ssh; nano ~/.ssh/authorized_keys

Then you are in a file named “authorized_keys” where you could copie the long public key into. With Copy and paste. If paste is not working try to left click with your mouse. Make sure the key is in one long line. Press CTRL+X, then Y, then Enter to save the file.

Type this command to set the right boundaries for your newly created file:

sudo chmod -R 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys


Now open up a new SSH Session with your IP as Remote Server. Bernadette or your name as User but don't hit ok just yet. Click on advanced SSH and load the private key file in.

Hit ok and type your passphrase. Now you should be at the beginning but much more complicated.

So after we established this complicated connection we have to close the easy ones to make our Server a fortress so if the last step failed try it again it has to be possible otherwise you might not be able to log into your server.

Type this command and you will open up your sshd config file where you could close any other connection besides the one with your key.

sudo nano /etc/ssh/sshd_config

If you are in that file please change this line

PermitRootLogin yes

to

PermitRootLogin no

And this:

#PasswordAuthentication yes 

to

PasswordAuthentication no

The last line should change its color because we uncommented it by erasing the hashtag

Then we have to restart our SSH program by entering this command:

sudo systemctl restart sshd

If you have a mac just follow the video tutorial on this website.