I can’t believe how much I’ve learned in 19 days of class. My last blog post was about understanding iterations, and now it’s hard to image a time when that didn’t make sense to me.
- Highlights of the last few weeks include:
- Hearing Steve Klabnik speak about contributing to open source projects and his work on Rails.
- Building my own webserver on Dediserve.com with the help of Spike Grobstein
- Understanding the breakdown of a MVC. I will never complain about my facebook page taking an extra 2 seconds to load ever again, especially on my mobile device. It really is like magic.
- Learning rails week 1. and my first rails app.
While everything I’ve learned has been absolutely mind blowing, the thing that really hit home for me was how intricate a process it is just to log into facebook, twitter or online banking and have my information load in miliseconds. Along with appreciating how much work just goes into the design and coding to create the page, I also have a deep appreciate for Sysadmins, who’s sole role is to keep your site up and running on a live server. Building a web server and grasping the complexity of the call and response that goes on behind the spaces was eye-opening. This post will cover setting up your server, connecting to it for the first time, creating your own user, as well as disabling your insecure root user. [NB: Stay tuned for follow ups about installing gems, deploying with Capistrano, generating SSH keys on github, installing Passenger, and installing and configuring nginx].
So what is a web server? A web server is a combination of both hardware and software that acts as a host to content, and delivers that content in the form of HTML through HTTP to the client, which in most cases is the browser.
Creating your Server
We used Dediserve.com as our cloud provider. They offer extensive Linux based distributions. In specific, we used Linxu’s Ubuntu distribution, which is one of the most popular in use today.
Once you create an account on Dediserve.com, you’ll want to select “Cloud Nodes” in the Client Area.
Once there, you’ll be prompted to select a server hostname, a password for your server, what OS templace you would like (in this case, we used Ubuntu 12.04 x64), as well as bandwidth, disk space, memory, and CPU cores.
Once finished, Dediserve will automate an IP address for you.
An IP address is a unique set of numbers that represents a location for your server in the cloud. Every server has an IP address and every computer has an IP address. The IP addresses are what the server and computers use to find each other and communicate back and forth.
Dediserve will automatically generate your selected password as the password for the root user (or default administrator) for your server. This user has no restrictions in terms of access. Because of this, it’s considered bad practice to use this as your regular log-on. In terms of security of your server, this user is considerd insecure because it provides the easiest path for someone to hack on to your server. (Keep reading to learn how to disable the root user).
Connecting to Your Server
The next step is to create a connection to your server, using SSH. SSH stands for Secure SHell and is a way to conenct remotely to your server via commandline:
replace the XXX.XXX.XXX.XXX with your server’s IP address.
You should get a prompt delcaring that the ‘authenticity of host can’t be established’. Type
yes and you will be prompted for password for your server. Once you submit the password, you’re connected!!
Creating Your Own User
The next step is to create your own user admin, which will override the root user. To do so, you will use the
useradd --help will bring up a list of options, including
-G <groups>, and
--help argument provides a list of argument options, as well as instructions for how to use them.
We will want to run
useradd -s /bin/bash -G sudo -m USERNAME. This command adds a user to your server, selects Bash as your commandline interface, adds
sudo (or Super User Do) to your group giving your new admin full access, and then finally your new username is added to the home directory.
You’ll want to make sure and replace
USERNAME with the username that you would like to use.
Then you’ll need to create a password for your user by entering
exit will allow you to disconnect from your server. Then, relog in with you IP address, but this time prefixing it with your new username.
Disconnecting/Disabling Root User Login
Now, you’ll need to disconnect your root user’s ability to SSH into your server. The first step in this process is to edit your
You’ll open this file by entering:
sudo vim /etc/ssh/sshd_config
sudo calls the super-powers to override security,
vim is a text editor that runs within commmandline, and
etc/ssh/sshd_config is the path to the configuration file.
Once the file is open, you’ll need to locate the line,
and change it to read
To save and quit the file enter
:wq. This will both write to the file (and save it) as well as quit vim.
The final step to disable the root user is to restart the
sudo /etc/init.d/ssh restart
Now if you try to login as
root, you will be denied access to the server. You should get an incorrect password error. This will delay anyone trying to hack onto your server by simply wasting their time.
Stay tune for Part Two, deploying to your server!