Initial Server Setup - Arch Linux
Time: 15 minutes
Whenever you create a new server from a base OS image, there are a few steps you should complete to ensure your server is:
- Running the latest software
Though these steps are basic, they can take a little while to complete - think of this article as a kind of introduction to best practices for being a server admin.
Note: These first few steps where you create an SSH key assume you haven’t yet created your first server yet. If you're a GoDaddy Cloud Server user and already have, you can take a snapshot of the server and then destroy it.
Set up SSH keys
SSH keys offer a secure and convenient way for you to log in to your server via SSH. The "key" portion in "SSH key" is a file stored on your computer, known as a private key. Only computers that have the correct private key can log in to the server via SSH; all others are denied.
This is much more secure than typical password authentication, which can be cracked with a "brute force" application that continually guesses passwords until it finds yours. Note that you should still set up a password with your SSH keys to provide another layer of protection.
How you set up an SSH key depends on your operating system:
Note: GoDaddy Cloud Server users should complete these steps before creating their servers.
Create your server
Now that you have your SSH public key stored in your account, you can create servers that will let you log in using it. Use one of the following sets of instructions based on your situation:
|This is my first server||Create a server|
|I took a snapshot earlier||Create server from snapshot|
|I'm not using GoDaddy Cloud Servers||Use your provider's documentation for creating servers|
Note: GoDaddy Cloud Server users should be mindful to select your SSH key in the Security info section when creating the server.
Disable remote root SSH login
To ensure your server is as secure as possible, you should disable remote root account login. GoDaddy Cloud Server customers do not need to complete this step; we've already done it for you.
- Connect to your server via SSH (Mac/Windows)
sshd_config:sudo vim /etc/ssh/sshd_config
- Add or edit the
PermitRootLoginparamater to have a 'no' value:PermitRootLogin no
- Save file changes:
- Restart the SSH service:
sudo systemctl restart sshd
Update your software versions
Ensuring all of your software is updated prevents potential security compromises.
- Upgrade all currently installed software on the system.
sudo pacman -Syu
Now that your server is secure and up-to-date, we have some additional optional steps you should complete.