perso/huhuhu_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added infos server on tuto computer

Browse Source
This commit is contained in:
asus
2023-10-17 02:46:38 +02:00
parent cfa04e6ed5
commit 12d0d1014e
1 changed files with 23 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
tutos/computer.txt
View File

@@ -271,14 +271,30 @@ find | sort | grep -ve "node_modules/" -e ".git/" | sed 's#[^/]*/#|__ #g;s#__ |#
- add vimrc, zshrc, and screenrc in default screen windows
**ecowan server :**
- list user : **cat /etc/passwd**
- change user passwd : **sudo passwd <username>**
- changed user "root" and "ecowan" password
- sudo passwd username
- created "huho" user (with same passwd)
- added it to the sudo group so it can use sudo (`sudo usermod -aG sudo huho`)
- **sudo passwd username**
- created "huho" user with **sudo adduser <username>**
- added it to the sudo group so it can use sudo (**sudo usermod -aG sudo huho**)
- did not add it to the sudoers file (`visudo` then add line `huho ALL=(ALL) ALL`)
- disabling user "ecowan" shell access with `sudo usermod --shell /sbin/nologin ecowan`
- https://unix.stackexchange.com/questions/10852/whats-the-difference-between-sbin-nologin-and-bin-false#10867
- its possible to re-enable it with `sudo usermod --shell /bin/bash ecowan`
- disabling user "ecowan" shell access with **sudo usermod --shell /sbin/nologin ecowan**
- https://unix.stackexchange.com/questions/10852/whats-the-difference-between-sbin-nologin-and-bin-false#10867
- its possible to re-enable it with **sudo usermod --shell /bin/bash ecowan**
- to see the shell of a user : **grep <username> /etc/passwd**
- added ssh pub key by running this command in local :
- ssh-copy-id username@server_ip
- **ssh-copy-id username@server_ip**
- then changed ssh configuration file `/etc/ssh/sshd_config` to enable ssh key connection only :
- Set PasswordAuthentication no to disable password-based authentication
- Set ChallengeResponseAuthentication no to disable any keyboard-interactive authentication
- Ensure that PubkeyAuthentication yes is set to allow public key authentication
- restart ssh with **sudo service ssh restart**
- create a new user "user_sav" with the same ssh key to have a backup connection
- if i wanted i should change file `/etc/ssh/sshd_config`, and add the 3 commented lines :
- #Match User user_sav
#PasswordAuthentication yes
#Match all
PasswordAuthentication no
PermitEmptyPasswords no
- to let user_sav be able to connect with a password instead of a ssh key