Initial Server Setup with Ubuntu 20.04
In this tutorial, we will do the initial server setup with Ubuntu 20.04. Cloud server Serverspace.io used as a base. The network is configured for them automatically during creation, so you don't need to worry about it.
System update
The system must be updated after it is installed.
apt update
apt upgrade
Restart the system when the process is complete.
reboot
Creating users and SSH configuration
By default, only the root user is created in the system. To use a server with multiple people, it's best to give each person a separate account. To create a new user, use the following command. Replace the username with the login. Enter your account password and other information.
adduser username
If you selected SSH key authorization while creating the server, you can enable password authorization. To do this, open the SSH configuration file:
nano /etc/ssh/sshd_config
Uncomment the line:
PasswordAuthentication yes
Or if you need to add the ability to authorize using an SSH key, then uncomment this line:
PubkeyAuthentication yes
It's a good idea to change the default SSH port if you enable password authentication. This reduces the likelihood of server hacking by automatically cracking the password using the brute force method.
To do this, uncomment the Port string and set it to a different value. 3355, for example.
Port 3355
Save and close this file. Restart the service for the port settings to take effect.
systemctl restart sshd
Now, to connect to the server, add the port number to the command:
ssh user@host -p 3355
Another good thing to improve server security is to use Fail2Ban.
If you want to create an SSH key, use the following command on a local Linux machine. Enter the path to place the key and the password for it, which may be empty. However, for security reasons, it is highly discouraged to use keys without a password.
ssh-keygen
To install this key on the server use the following command on a local Linux computer. Enter the correct key path, user name, and host.
ssh-copy-id -i /path/to/key user@host
Use this command to access the server:
ssh user@host
UFW configuration
UFW is a firewall. By default, it is disabled on the server. Before enabling it, you need to configure it to allow SSH connections.
ufw allow OpenSSH
If the standard SSH port has been changed, then you need to open this port.
ufw allow 3355/tcp
Now, enable UFW.
ufw enable
All ports are now closed to incoming connections, except those that were allowed. To see the UFW status:
ufw status
Time settings
Another thing that needs to be configured is the time in the system. To see the current time, enter the command:
date
The default time in the system is UTC. To change this, you must specify the correct time zone. To view all of them, use the command:
timedatectl list-timezones
To set one of them:
timedatectl set-timezone Europe/Prague
To enable automatic time synchronization, install this package.
apt install ntp
It will be launched immediately after installation and your server will have the correct time.