This tutorial is intended as a basic introduction to Linux for users of Red Cloud services who are using a Linux Instance. There are two Linux distributions available for images on Red Cloud: Ubuntu and CentOS. In this tutorial, you will learn how to add a user, install software using the distribution's package manager, how to enable remote password logins, and several related tips. There are some common commands between both distributions, and a section for the specific commands on Ubuntu and CentOS. While many commands are similar across Linux systems, package management, service control, and to a lesser extent, user management, are some of the areas that will differ from distribution to distribution.
This section contains some basic working definitions to help you through this tutorial if you have never used Linux before. This list and the definitions in it should not be considered authoritative.
directory - folder terminal (A.K.A. console or shell) - command - a task for the computer to execute that is entered via the terminal package - an archive of software and metadata that can be downloaded, installed, and removed via a package manager root - the system administrative account sudo -
Basic Useful Commands
- print working directory
- list directory contents
- change directory
cd ~will take you to your home directory
- manual pages for the specified command
history : displays a list of commands that have been executed via the terminal
- outputs the contents of a file to the terminal, with many other options available (check out
man catfor more info)
- prints lines matching a specified pattern
The "ubuntu" user
explain Ubuntu root user weirdness
Initial User Setup
Once you have set up a user with sudo privileges and ensured that you can indeed login and perform sudo commands successfully (it would be good to test this to be sure), you may want to secure the root login by disabling it.
Disable root login: This must be done while logged in either as root or your user with sudo privileges.
- Change the the line
- Note: if this line is commented out (with a
#character in the front), you will need to uncomment it.
service sshd restart
When you exit, you should verify that you cannot login as root, but that you can still login as your user. For more information, see the CentOS guide on Securing OpenSSH.
In this tutorial, you will learn how to add a user, install software from the Linux distribution's package repository, how to enable remote password logins, and several related tips. This tutorial was designed with Ubuntu/Debian systems in mind, but most of the listed commands have the associated Red Hat/CentOS command in parentheses where there is a major difference. While many commands are similar across Linux systems, package management, service control, and to a lesser extent, user management, are some of the areas that will differ from distribution to distribution.
After starting an instance, you will be logged in as the administrative root user. You can create a regular user account:
adduser <username> (redhat: also do passwd <username> to set password)
Note that <username> could be e.g. ‘bob’, it doesn’t need to be (and really should not be) a Cornell netid, since you can optionally configure your instances to allow use of netid and netid passwords for project members. Multiple users may be added at the instance owner’s discretion.
adduser <username> sudo
This will add <username> to the sudo group, which will enable <username> to easily install software and perform other administrative tasks without needing a root login. This has the advantage of making it more difficult to accidentally do something unfortunate to the system. On Red Hat/CentOS, the process is different; run visudo as root and add the line: <username> ALL=(ALL) ALL
To log in as the new user: ssh <username>@localhost
You can replace localhost with the public IP of the machine if you are logging in remotely, instead of from an existing root login on the instance. Controlling SSH authentication, needed for logging in, is beyond the scope of this article, but we will say that for password authentication to work, you may need to change the PasswordAuthentication to 'yes' in /etc/ssh/sshd_config, and restart the ssh daemon. Restarting daemons varies from system to system, but can be done by stopping and starting the instance if it is based on an EBS image.
Alternatively, the recommended approach is to use a public-private keypair. First, as your user, generate a keypair: ssh-keygen -f username creates two files in the current directory; username.pub is the public key, which you could append to the users ~/.ssh/authorized_keys on your server. The username file should be copied (using your root credentials) and sent securely to the user who needs it. That user can then login like so (note the first <username> corresponds to the private key file we generated):
ssh -i /path/to/<username> <username>@localhost
On the server, make sure the user's .ssh directory has correct permissions:
chmod 700 ~username/.ssh
Now we can install an application, but first let’s make sure our package database has all the latest package information by running sudo apt-get update. After this completes, install the screen-saving program tmux, which is often useful in case your connection is dropped (either intentionally or unintentionally) or if you want to have multiple terminals available without needing to login each time:
sudo apt-get install tmux (redhat: yum install tmux)
For information on using tmux, please find a tutorial elsewhere.
To find available packages (available from currently installed repositories), the following command may be used: aptitude search <partial name> (redhat: yum search <partial name>), where is part of the package name. For instance, here are the first 6 results for aptitude search python:
p bpython - fancy interface to the Python interpreter p bpython-gtk - fancy interface to the Python interpreter p bpython-urwid - fancy interface to the Python interpreter p bpython3 - fancy interface to the Python3 interpreter p cairo-dock-plug-ins-dbus-interf - Python interface to interact with Cairo-Do p cantor-backend-python - Python backend for Cantor
Note that the ‘p’ in the first column means that no trace of package exists on the system (run man aptitude for more details).