When last we left off, we were only half finished. What we just did was install a high-security system. What we’ll want to do next is remove the old, weaker insecurity system.
!!WARNING: BEFORE CONTINUING, BE SURE YOU ARE ABLE TO ACCESS YOUR SERVER USING PUBKEY AUTHENTICATION AND THAT YOUR SERVER IS NOT PROMPTING YOU FOR A PASSWORD. IF IT IS, CONTINUING WILL MAKE YOUR SERVER INACCESSIBLE!!
We need to make some small changes to the /etc/ssh/sshd_config file. You’ll want to run the following commands (each one should be on one line):
The first command should give no output. The second command’s output should look exactly like this (the order may be different, but the options and the way they display should be the same):
PermitRootLogin without-password PasswordAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no
If all looks okay, go ahead and run
restart ssh. Your server is now locked down to key authentication only.
Let’s say you want to install finch, the command-line version of Pidgin. Now, you COULD go to their website and see if they have an installer file (.deb format) or source tarball, manually compile/install it… or you could search the repositories!
What’s a repository?
A repository is a collection of trusted software that developers have put all in one place with the software already compiled, with some additional tweaks sometimes applied to make them work better alongside other packages you have installed. If you install from source or from a .deb file manually, the software quickly becomes out of date leading to incompatibilities at best and security holes at worst. Using a package from a repository allows you to easily install new software and update already installed software.
So using finch as an example,
apt-cache search finch
The first command updates the package cache. The second command searches for the actual package. We’re presented with several options, but we want the package finch, since the description sounds like what we’re looking for.
apt-get install finch
Updating is even easier:
Your system is now updated.
Take a look at all our hosting packages right here.