Initial Server Setup with Ubuntu 20.04
In this tutorial, we will do the initial server setup with Ubuntu 20.04. Cloud server Serverspace.io used as a base. The network is configured for them automatically during creation, so you don’t need to worry about it.
The system must be updated after it is installed.
Restart the system when the process is complete.
Creating users and SSH configuration
By default, only the root user is created in the system. To use a server with multiple people, it’s best to give each person a separate account. To create a new user, use the following command. Replace the username with the login. Enter your account password and other information.
If you selected SSH key authorization while creating the server, you can enable password authorization. To do this, open the SSH configuration file:
Uncomment the line:
Or if you need to add the ability to authorize using an SSH key, then uncomment this line:
It’s a good idea to change the default SSH port if you enable password authentication. This reduces the likelihood of server hacking by automatically cracking the password using the brute force method.
To do this, uncomment the Port string and set it to a different value. 3355, for example.
Save and close this file. Restart the service for the port settings to take effect.
systemctl restart sshd
Now, to connect to the server, add the port number to the command:
ssh user@host -p 3355
Another good thing to improve server security is to use Fail2Ban.
If you want to create an SSH key, use the following command on a local Linux machine. Enter the path to place the key and the password for it, which may be empty. However, for security reasons, it is highly discouraged to use keys without a password.
To install this key on the server use the following command on a local Linux computer. Enter the correct key path, user name, and host.
ssh-copy-id -i /path/to/key user@host
Use this command to access the server:
UFW is a firewall. By default, it is disabled on the server. Before enabling it, you need to configure it to allow SSH connections.
ufw allow OpenSSH
If the standard SSH port has been changed, then you need to open this port.
ufw allow 3355/tcp
Now, enable UFW.
All ports are now closed to incoming connections, except those that were allowed. To see the UFW status:
Another thing that needs to be configured is the time in the system. To see the current time, enter the command:
The default time in the system is UTC. To change this, you must specify the correct time zone. To view all of them, use the command:
To set one of them:
timedatectl set-timezone Europe/Prague
To enable automatic time synchronization, install this package.
apt install ntp
It will be launched immediately after installation and your server will have the correct time.