These steps were originally documented by mediatemple.net and I am copying it here for incase that source disappears on me.
STEP 1 - Add the user. In the following example, we will use the user name admin. The command adduser will automatically create the user, initial group, and home directory.
[root@root ~]# adduser admin
[root@root ~]# id admin
uid=10018(admin) gid=10018(admin) groups=10018(admin)
[root@root ~]# ls -lad /home/admin/
drwx------ 2 admin admin 4096 Jun 25 16:01 /home/admin/STEP 2 - Set the password for the admin user. When prompted, type and then retype the password.
[root@root ~]# passwd admin
Changing password for user admin.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@root ~]#STEP 3 - For sudo permissions for your new admin user, use the following command.
[root@root ~]# echo 'admin ALL=(ALL) ALL' >> /etc/sudoersSTEP 4 - SSH to the server with the new admin user and ensure that the login works.
[root@root ~]# ssh [email protected]
[email protected]'s password:
[admin@admin ~]$STEP 5 - Verify that you can su (switch user) to root with the admin user.
[admin@admin ~]$ su -
Password:
[root@root ~]$ whoami
rootSTEP 6 - To disable root SSH login, edit /etc/ssh/sshd_config with your favorite text editor.
[root@root ~]# vi /etc/ssh/sshd_configChange this line:
#PermitRootLogin yes
Edit to this:
PermitRootLogin no
STEP 7 - Ensure that you are logged into the box with another shell before restarting sshd to avoid locking yourself out of the server.
[root@root ~]# /etc/init.d/sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
[root@root ~]#