Updated 18 Nov 2013
Why Arch Linux? * Getting started * Some terminal commands to keep handy * Log on to your VPS * Create a new superuser * Configure SSH port and disable root login * Update Arch Linux * Installing software on Arch Yaourt
Arch Linux is a barebones Linux distro, with very few desktop or server features pre-installed. (There is no Graphical User Interface, for example.) Because of this, Arch is a very lightweight operating system, taking up very little of your VPS' precious resources. You can install only the software that you need, as you need it.
Arch Linux is also great for online documentation and community support. So if you get stuck, wiki.archlinux.org is a good place to start, or try the online forums.
Arch is a rolling-release distribution. This means that you never have to perform elaborate system rebuilds or installations to upgrade to the newest version of the operating system. Every time you update your system (say, once a week) you will be running the very latest version of Arch. Updates usually take a matter of seconds.
You should already have your new VPS account with Arch Linux as your operating system of choice. With the IP address and root password provided, you can log into your VPS as the root user from the command line.
In this context, "command line" means using a program called an SSH client (or terminal). SSH stands for Secure Shell. An SSH terminal enables you to log on remotely to your server, through an encrypted connection, and control the server as if you were physically at it, through a text-based interface. The SSH terminal on your local machine can do this by interacting with the SSH server installed on your remote VPS.
Windows users will need to download and install an SSH client like Putty. Mac OSX users can use the pre-installed terminal called, wait-for-it, Terminal.
|clear||clear the terminal history|
|ls||list directory contents|
|mkdir||make a new directory|
|pacman -S package_name||install a package|
|pacman -Syu package_name||Sync, refresh the package database, and upgrade your entire system|
|pacman -Rs package_name||remove a package|
|nano||open a file using the Nano text editor|
|rm||remove a file or directory|
|man ls||show the manual for the ls command|
|man ssh||show the manual for the ssh command|
Login as the root user, substituting 220.127.116.110 for the IP address of your VPS:
ssh firstname.lastname@example.org (then hit ENTER)
Skip this next part in yellow if it doesn't apply to you.
If you're using Terminal on a Mac and have recently reinstalled the operating system of your VPS having been previously logged in, you may be denied:
The easiest way to proceed right now is to delete the known_hosts file (on your local machine), so that it gets rebuilt by Terminal. Change directory to /Users/username/.ssh using the command:
(Substitute username as appropriate.)
Remove the known_hosts file:
(cd takes you back to the root directory.)
Try logging in again:
You should get something like this (here I'm using Terminal on a Mac):
Type yes and hit ENTER.
Now enter the root password of your VPS, and...
You're logged in to your Arch Linux VPS! To celebrate, change the root password using passwd:
The super user called 'root' is too easy to guess and has total system control. By creating another user (with super user privileges) and then blocking root access, your VPS will be a bit more secure against unauthorised access. Create a new user called 'john':
You have just added a new local user called john.
Change john's password:
As of yet, only the root user has all of the administrative capabilities on the virtual server. You are going to give john root privileges too. This is done in what's called the sudo configuration file. Edit the sudo configuration file using the command:
Vi is a pre-installed command line text editor, but it does not recognize arrow keys. Move down using j, up with k, left with h, and right with l.
Find the section called "User privilege specification". It will look like this:
You can begin editing the text by pressing "a", and delete text by pressing ESCAPE and then x. Add the following line right after, granting all the permissions to your new user:
Press ESCAPE and then SHIFT+zz to save and exit back to the command line.
When you perform any root tasks with the new user, you will need to use the word sudo before the command. This is a helpful command for 2 reasons:
For the moment though, you're still logged in as root.
Nano is a simple command line text editor that's very newbie-friendly and installed by default in Arch. You can use the arrow keys to navigate through text. Open the SSH configuration file for editing using Nano:
Find the following entries and change the information where applicable. Be sure to uncomment the lines by deleting the preceding hash #.
Port: Although port 22 is the default, you can change this to any number between 1025 and 65536. In this example, I am using port 3456. Choose and make a note of the new port number. You will need it to log in in the future and to configure your firewall.
Why do this? Port 22 is the standard port for connecting to SSH services. Malicious scanners are relatively unsophisticated scripts that port scan large blocks of IP addresses one at a time to see if port 22 is open. When they find one that is, they will launch some sort of attack on it (brute force, dictionary) to recover the password and gain control over the server. There is therefore some low-level security provided by changing port number, but only for this type of opportunistic attack. Perhaps the best reason for doing this is that your server will save on the computing overhead from having to respond to repeated requests on port 22 from scanners.
PermitRootLogin: change this from yes to no to stop future root login. You will only be logging in as the new super user john.
Hit CTRL+o and then ENTER to save the modifications you just made and then CTRL+x to quit Nano and get back to the command line.
Restart the server's SSH service, and it will implement the new ports and settings.
If you get:
Then do as suggested:
To test the new settings (do not log out of root yet!), open a new terminal window and login as your new user.
Don't forget to include the new port number. (That's what the -p is for.)
Your command prompt should now say:
Once you know you can log in to your VPS as your new user, you can exit out of root. On your original terminal window as root, type:
Then you can close that window.
Logged in as your new user, the first thing to do is a system update. Arch uses a package management program called pacman to easily manage updates. Sync, refresh the package database, and upgrade your entire system with:
Or, same thing, but quicker:
If you are prompted to upgrade pacman itself at this point, respond by pressing Y, and then reissue the sudo pacman -Syu command when finished.
Arch is a rolling-release distribution. This means the user doesn't have to reinstall or perform elaborate system rebuilds to upgrade to the newest version. Issuing pacman -Syu periodically keeps the entire system up-to-date. At the end of this upgrade, the system will be completely current.
Arch's developers will provide important information about required configurations and modifications for known issues. The Arch Linux user is expected to consult these places before performing an upgrade. The easiest way to keep in touch with developments is by subscribing to the feed on Arch's homepage at www.archlinux.org.
Before installing any programs, there are some prerequisites to take care of. This means installing the build essentials, which are needed to compile packages on Arch Linux.
This command asks pacman to install ABS, the Arch Build System, and base-devel, a collection of compiling tools. These tools allow the creation and installation of Arch Linux packages. Read more about ABS here.
Arch Linux packages are created by first writing a PKGBUILD file, which is a script describing a package and containing:
Where do you find Arch Linux packages to install?
Essential and popular software can be found in the Official Repositories, readily accessible via pacman. Read more about Arch's official repositories here.
Other software may be found in the Arch User Repository (AUR). This is a community-driven repository for Arch users. It contains package descriptions (PKGBUILDs) that allow you to compile a package from source using the command makepkg and then install via pacman. A good number of new packages that enter the official repositories start in the AUR. In the AUR, users are able to contribute their own package builds (PKGBUILD and related files). The AUR community has the ability to vote for or against packages in the AUR. If a package becomes popular enough (provided it has a compatible license and good packaging technique) it may be entered into the official [community] repository (and therefore be directly accessible by pacman or abs).
Users can search for and download PKGBUILDs from the AUR Web Interface.
There exists a community-contributed wrapper for pacman called Yaourt (Yet AnOther User Repository Tool). Yaourt simplifies the search, compilation and installation of Arch packages by adding access to the AUR and automating the build and install process. You can install Yaourt using pacman like this:
You'll need to sync Yaourt with the AUR:
You can then search the AUR or Arch's official repositories' packages like so:
Yaourt provides interactive prompts for installation. Or, if you know the exact package name:
Yaourt uses the same syntax as pacman, but also adds further options. Yaourt does not require sudoing - it will ask you for your password as required. Read more about Yaourt here.