Easy to follow video for the Digitial Ocean, Initial Server Set-up for Ubuntu 12.04; security.
Basically, we are going to add a new user, disable root SSH access and change the default SSH port from 22.
Step One—Change Root Password
Change the root password Digital Ocean allocated to you to something else.
Step Two—Create a New User
After you have entered a secure password, you can leave everything else blank; just press enter
Step Three—Root Privileges
Let’s assign your new user root access.
User privilege specification root ALL=(ALL:ALL) ALL
and then add this…
neggs ALL=(ALL:ALL) ALL
Type ‘cntrl x’ to exit the file. Press Y to save; press enter, and the file will save in the proper place.
Step Four—Secure SSH
Let’s disable root SSH access and change the default port from 22.
Open the configuration file…
Find the following sections and change the information where applicable: We have changed 22 to 25000, but this can be anything between 1025 and 65536.
Port 25000 Protocol 2 PermitRootLogin no
Now allow only the new user you have created to have SSH access.
UseDNS no AllowUsers neggs
Step Five—Reload SSH
Step Six—Test it!
WITHOUT logging out as root, open a new SSH connection (new putty window) and log in with your new user (neggs) and new port number (25000).
The reason why we leave root still logged in, is in case we have made a mistake. If we log out, we may never be may to log back in again as root!