Please enable JavaScript.
Coggle requires JavaScript to display documents.
Linux & SSH (Linux Commands and Setup (Systemd (PM2 uses systemd to…
Linux & SSH
Linux Commands and Setup
-
-
-
Add User: useradd -c "Joe Blogs" -s /bin/bash -m joe
Password: passwd shabba
Alternative: use adduser <name> to be prompted for info
Install sudo:
:star: apt-get install -y sudo - already done on Ubuntu
visudo to inspect User privileges
Set up a Node Service
1.sudo apt-get install -y curl
2.curl -sL https://deb.nodesource.com/setup_5.x | sudo -E bash -
3.sudo apt-get install -y nodejs
setup PM2:
1.sudo apt-get install -y build-essential git
2.cd /var/aopdata/fooapp
3.sudo npm install pm2
Make user who can't log in and whose home folder is under /var/appdata/fooapp:
sudo useradd -r -s /bin/false --home /varappdata/fooapp fooapp
Systemd
-
-
Look at this tutorial for systemd service - to get it to restart on server restart
-
To update specific programmes look in: /etc/apt/sources.list
:star:Add OpenSSL:
echo "deb http://security.ubuntu.com/ubuntu wily-security main" | sudo tee -a /etc/apt/sources.list
sudo-apt-get update
sudo apt-get -t wily-secuirty install -y openssl
-
-
-
-
Proxy
Common mistake - running node process with root privileges because binding a low port number 80,443 requires high privileges
-
-
Nginx is better at SSL handshakes which is a resource heavy operation - don't want single threaded app to do it
-
Secure Shell (SSH)
Cryptographic network protocol for operating network services securely over an unsecured network (e.g. remote login)
Default- in Linux root directory there will be a ./ssh file
:star: Look in authorized_keys file and copy the public key to the server
Disable ssh for root login (secure) -
1.cd /etc/ssh/ssh_config
2.PasswordAuthentication no
PermitRootLogin no
3.Reload ssh : etc/init.d/ssh reload
If get "WARNING:REMOTE HOST IDENTIFICATION HAS CHANGED"
Delete the IP in known_hosts file and try again (/.ssh/known_hosts)
or ssh-keygen -R <hostname or ip>
Ports
-
-
FTP on port 21 which is used for unencrypted file transfers
sudo ufw allow ftp or sudo ufw allow 21/tcp
-