Ubuntu 18.04 Initial Server Setup for both Beginners and Advanced Users
Introduction
After installing Ubuntu 18.04 server, there are some steps you should take as part of the initial setup. These steps will increase the server security and give better user experience of your server. The aim of this article is to help you
Logging in as Root
To log into your server, you ought to know your server’s public IP address or the domain name address. You additionally need the password or an SSH key for authentication. Thus, the private key for the root user’s account.
Log in as the root user using the following command (substitute server_ip with your server’s public IP address):
ssh root@server_ipIf the authenticity appears on your screen accept the warning. If you are using a password to authenticate, then enter the root password to log in. You may be prompt to enter your passphrase if you are using an SSH key passphrase for authentication. You may also be prompt to change your password if that is the first time you are logging into the server with a password.
Update and Upgrade Ubuntu System
Use the following commands to download and install the latest packages. Separate the two commands with && and the command will run in succession. When prompted to install packages, press y and ENTER.
sudo apt update && sudo apt upgradeTo remove all locally downloaded packages, run the following commands
sudo apt autoremove && sudo apt cleanCreate New Account in Ubuntu
By default, the root account is disabled in Ubuntu as a security measure. But once you are in the system as root, you can now create a new user that you will use to login from now on. This account will also have the root privileges for administrative tasks in the system.
Setup a strong password to protect this account if you are using password authentication. This example creates a new user called fynn, replace this username with the name you want to use. Now, follow the adduser prompt to add the user details and password.
sudo adduser fynnYou will be asked to enter a new password. A password generator will be helpful if you are confused as to what password to use. Keep the password safe. Note when entering a password in Linux, there is no * asterisk or dots. It normally appears as though nothing is being typed.
Once you are done typing your password. Other details like contact information can be added after. You don’t really need to enter the contact details, just press Enter to leave at default.
Granting Administrative Privileges
Once you are done create the new user, superuser privileges can be given using the usermod command.
sudo usermod -aG sudo fynnThe parameter -aG means append to Group and sudo is the name of the superuser group the user is being added.
After running the above command, there will be no prompt or feedback. That is if there is no error in the command. Well, you can switch to the new account created
sudo su - fynnEnter the password created earlier if prompted for a password.
Now that you have given superuser access to the new account created. Meaning the new user can perform actions with the superuser privilege by typing
Basic Firewall Set Up
You cannot set up a system without firewall to make sure only services needed are allowed. Ubuntu 18.04 comes with ufw as default firewall which allows you to create an IPv4 or IPv6 host-based firewall.
Ubuntu server ufw firewall to manage the iptables rules on the server. Use the command below to check the status of the ufw firewall on Ubuntu.
sudo systemctl status ufw
sudo ufw statusUsually,
OpenSSH, the service that allow us to connect to the server remotely, now has its profile registered with ufw. Use the command below to list all the applications that has there profiles registered with ufw.
ufw app listMoreover, before enabling ufw firewall policy, allow ssh traffic through the firewall via OpenSSH. That can be done by excuting the command below.
sudo ufw allow OpenSSHAfterwards, the firewall can be enabled by the command below
sudo ufw enableAt a successful update, you should see “Rules updated”. If prompted with a warning, “Command may disrupt existing ssh connections” press y and Enter.
Now, check the status of the firewall using the following command
sudo ufw statusListed is OpenSSH as one the services allowed by ufw firewall.
Set Up SSH for Remote Access
Well, we have created a regular user for daily user, we now need to make sure the user can securely SSH into the server with the new account.
Password Authentication
At this stage, you can logged into the server using the password associate with the new account created. Now, SSH using the new user account by opening new terminal session. Then, type the following command.
ssh fynn@server_ipAfter entering the user’s password, you will be logged in. Remember, type
sudo command_to_runYou will be prompt to enter the user’s password each time you use ssh to
SSH Key Authentication
This article is getting long for that matter I will be writing another article on how to set up SSH keys on Ubuntu 18.04.
Yet, in a situation where password authentication is no for SSH. Now, copy your local public key to the new user’s account to ~/.ssh/authorized_keys file to enable authentication without password.You can copy your local public key to the new user’s account to ~/.ssh/authorized_keys file to be able to log in.
Finally, copy your ssh key to server using rsync. The command below uses rsync to copy the ssh key to the server.
rsync --archive --chown=fynn:fynn ~/.ssh /home/fynnNow, you should be able to SSH with the created user account.
ssh fynn@server_ipYou will be prompt to enter the user’s password because of the SSH key. But remember, for administrative privileges add sudo before the command as shown below.
sudo command_to_runYou will have to enter user’s password when using sudo.
Conclusion
At this stage, your Ubuntu server is now ready for installing additional softwares needed for your operation.
No Comments
Leave a comment Cancel