{"id":150,"date":"2017-04-27T07:39:46","date_gmt":"2017-04-27T07:39:46","guid":{"rendered":"http:\/\/simplecode.xyz\/?p=150"},"modified":"2022-01-10T14:48:32","modified_gmt":"2022-01-10T14:48:32","slug":"setup-ubuntu-server","status":"publish","type":"post","link":"https:\/\/simplecode.com.vn\/?p=150","title":{"rendered":"Setup Ubuntu Server"},"content":{"rendered":"

After my server on DigitalOcean<\/a> was attacked few times, I thought I should write an article about it. Do hope it is useful to you.<\/p>\n

Step One \u2014 Root Login<\/h3>\n
 $ ssh root@your_server_ip\r\n<\/code><\/pre>\n<\/p>\n
Step Two \u2014 Create a New User<\/h3>\n
 # adduser van\r\n<\/code><\/pre>\n<\/p>\n
Step Three \u2014 Root Privileges<\/h3>\n
Set root privileges to new user.<\/p>\n
 # usermod -aG sudo van\r\n<\/code><\/pre>\n<\/p>\n
Step Four \u2014 Add Public Key Authentication (Recommended)<\/h3>\n
Generate a Key Pair<\/b><\/p>\n
You need to generate a key pair on your local machine before putting it on the server.<\/p>\n
 $ ssh-keygen\r\n<\/code><\/pre>\n
ssh-keygen output<\/span>\r\nGenerating public\/private rsa key pair.\r\nEnter file in which to save the key (\/Users\/localuser\/.ssh\/id_rsa):\r\n<\/pre>\n
You will be asked a few questions. It is recommended to leave the password field blank.<\/p>\n<\/p>\n
Copy the Public Key manually<\/b><\/p>\n
On your local machine, type the command below will show your public key inside terminal.<\/p>\n
 $ cat ~\/.ssh\/id_rsa.pub\r\n<\/code><\/pre>\n
Now copy it to the clipboard.<\/p>\n
id_rsa.pub contents<\/span>\r\nssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBGTO0tsVejssuaYR5R3Y\/i73SppJAhme1dH7W2c47d4gOqB4izP0+fRLfvbz\/tnXFz4iOP\/H6eCV05hqUhF+KYRxt9Y8tVMrpDZR2l75o6+xSbUOMu6xN+uVF0T9XzKcxmzTmnV7Na5up3QM3DoSRYX\/EP3utr2+zAqpJIfKPLdA74w7g56oYWI9blpnpzxkEd3edVJOivUkpZ4JoenWManvIaSdMTJXMy3MtlQhva+j9CgguyVbUkdzK9KKEuah+pFZvaugtebsU+bllPTB0nlXGIJk98Ie9ZtxuY3nCKneB+KjKiXrAvXUPCI9mWkYS\/1rggpFmu3HbXBnWSUdf localuser@machine.local\r\n<\/pre>\n
Next, connect to your server as root<\/code> user. Then switch to your sudo user.<\/p>\n
 # su - van\r\n<\/code><\/pre>\n
Create .ssh<\/code> folder.<\/p>\n
 $ mkdir ~\/.ssh\r\n $ chmod 700 ~\/.ssh\r\n<\/code><\/pre>\n
Create authorized_keys<\/code> file.<\/p>\n
 $ nano ~\/.ssh\/authorized_keys\r\n<\/code><\/pre>\n
When the authorized_keys<\/code> file opened. Let’s paste your public key here. Then press Ctrl-o<\/code> to save the file and Ctrl-x<\/code> to close it.<\/p>\n
It’s better to restrict access privileges of this file.<\/p>\n
 $ chmod 600 ~\/.ssh\/authorized_keys\r\n<\/code><\/pre>\n
Exit sudo user.<\/p>\n
 $ exit\r\n<\/code><\/pre>\n<\/p>\n
Step Five \u2014 Disable Password Authentication (Recommended)<\/h3>\n
Let’s open sshd_config<\/code> file.<\/p>\n
 $ sudo nano \/etc\/ssh\/sshd_config\r\n<\/code><\/pre>\n
To disable password authentication, you need to set no<\/code> to PasswordAuthentication<\/code> directive.<\/p>\n
PasswordAuthentication no<\/pre>\n
Then to make sure, you should check these default settings are correct.<\/p>\n
PubkeyAuthentication yes\r\nAuthorizedKeyFile  .ssh\/authorized_keys\r\nChallengeResponseAuthentication no<\/pre>\n
Apply update sshd_config<\/code>.<\/p>\n
 $ sudo systemctl reload sshd\r\n<\/code><\/pre>\n<\/p>\n
Step Six \u2014 Test Log In<\/h3>\n
It’s time to check if everything is working nicely. Let’s connect to your server with the new sudo user.<\/p>\n
 $ ssh van@your_server_ip\r\n<\/code><\/pre>\n
 $ sudo command_to_run\r\n<\/code><\/pre>\n<\/p>\n
Step Seven \u2014 Set Up a Basic Firewall<\/h3>\n
 $ sudo ufw enable\r\n<\/code><\/pre>\n
 $ sudo ufw allow OpenSSH\r\n<\/code><\/pre>\n
 $ sudo ufw status\r\n<\/code><\/pre>\n
Output\r\nStatus: active\r\n\r\nTo                         Action      From\r\n--                         ------      ----\r\nOpenSSH                    ALLOW       Anywhere\r\nOpenSSH (v6)               ALLOW       Anywhere (v6)\r\n<\/pre>\n<\/p>\n
Step Eight \u2014 Disable Root Login (Recommended)<\/h3>\n
To prevent server attack, it’s recommended to disable root login.<\/p>\n
 $ sudo nano \/etc\/ssh\/sshd_config\r\n<\/code><\/pre>\n
To disable root login, you just need to set no<\/code> to PermitRootLogin<\/code> directive.<\/p>\n
PermitRootLogin no<\/pre>\n<\/p>\n
What Next<\/h3>\n
These steps are the foundation of server setup. Now you can install any softwares on your new server.<\/p>\n
To keep your server more secure, you could have a look at fail2ban<\/code> solution or changing your ssh port. At the moment, I have just changed my ssh port. It works for now.<\/p>\n
Happy coding!<\/p>\n<\/p>\n
References<\/b>
\nhttps:\/\/www.digitalocean.com\/community\/tutorials\/initial-server-setup-with-ubuntu-14-04<\/a>
\nhttps:\/\/www.digitalocean.com\/community\/tutorials\/initial-server-setup-with-ubuntu-16-04<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
After my server on DigitalOcean was attacked few times, I thought I should write an article about it. Do hope it is useful to you. Step One \u2014 Root Login $ ssh root@your_server_ip Step Two \u2014 Create a New User # adduser van Step Three \u2014 Root Privileges Set root […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[4],"tags":[],"yoast_head":"\nSetup Ubuntu Server - SimpleCode<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/simplecode.com.vn\/?p=150\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Setup Ubuntu Server - SimpleCode\" \/>\n<meta property=\"og:description\" content=\"After my server on DigitalOcean was attacked few times, I thought I should write an article about it. Do hope it is useful to you. Step One \u2014 Root Login $ ssh root@your_server_ip Step Two \u2014 Create a New User # adduser van Step Three \u2014 Root Privileges Set root […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/simplecode.com.vn\/?p=150\" \/>\n<meta property=\"og:site_name\" content=\"SimpleCode\" \/>\n<meta property=\"article:published_time\" content=\"2017-04-27T07:39:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-01-10T14:48:32+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"simplecode\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/simplecode.com.vn\/#website\",\"url\":\"https:\/\/simplecode.com.vn\/\",\"name\":\"SimpleCode\",\"description\":\"Simple Code\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/simplecode.com.vn\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/simplecode.com.vn\/?p=150#webpage\",\"url\":\"https:\/\/simplecode.com.vn\/?p=150\",\"name\":\"Setup Ubuntu Server - SimpleCode\",\"isPartOf\":{\"@id\":\"https:\/\/simplecode.com.vn\/#website\"},\"datePublished\":\"2017-04-27T07:39:46+00:00\",\"dateModified\":\"2022-01-10T14:48:32+00:00\",\"author\":{\"@id\":\"https:\/\/simplecode.com.vn\/#\/schema\/person\/b110785905231d29553717dd14b766dc\"},\"breadcrumb\":{\"@id\":\"https:\/\/simplecode.com.vn\/?p=150#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/simplecode.com.vn\/?p=150\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/simplecode.com.vn\/?p=150#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/simplecode.com.vn\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Setup Ubuntu Server\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/simplecode.com.vn\/#\/schema\/person\/b110785905231d29553717dd14b766dc\",\"name\":\"simplecode\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/simplecode.com.vn\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/22e0b2cc28939e5aecc166195d629442?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/22e0b2cc28939e5aecc166195d629442?s=96&d=mm&r=g\",\"caption\":\"simplecode\"},\"url\":\"https:\/\/simplecode.com.vn\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Setup Ubuntu Server - SimpleCode","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/simplecode.com.vn\/?p=150","og_locale":"en_US","og_type":"article","og_title":"Setup Ubuntu Server - SimpleCode","og_description":"After my server on DigitalOcean was attacked few times, I thought I should write an article about it. Do hope it is useful to you. Step One \u2014 Root Login $ ssh root@your_server_ip Step Two \u2014 Create a New User # adduser van Step Three \u2014 Root Privileges Set root […]","og_url":"https:\/\/simplecode.com.vn\/?p=150","og_site_name":"SimpleCode","article_published_time":"2017-04-27T07:39:46+00:00","article_modified_time":"2022-01-10T14:48:32+00:00","twitter_card":"summary","twitter_misc":{"Written by":"simplecode","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/simplecode.com.vn\/#website","url":"https:\/\/simplecode.com.vn\/","name":"SimpleCode","description":"Simple Code","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/simplecode.com.vn\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/simplecode.com.vn\/?p=150#webpage","url":"https:\/\/simplecode.com.vn\/?p=150","name":"Setup Ubuntu Server - SimpleCode","isPartOf":{"@id":"https:\/\/simplecode.com.vn\/#website"},"datePublished":"2017-04-27T07:39:46+00:00","dateModified":"2022-01-10T14:48:32+00:00","author":{"@id":"https:\/\/simplecode.com.vn\/#\/schema\/person\/b110785905231d29553717dd14b766dc"},"breadcrumb":{"@id":"https:\/\/simplecode.com.vn\/?p=150#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/simplecode.com.vn\/?p=150"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/simplecode.com.vn\/?p=150#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/simplecode.com.vn\/"},{"@type":"ListItem","position":2,"name":"Setup Ubuntu Server"}]},{"@type":"Person","@id":"https:\/\/simplecode.com.vn\/#\/schema\/person\/b110785905231d29553717dd14b766dc","name":"simplecode","image":{"@type":"ImageObject","@id":"https:\/\/simplecode.com.vn\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/22e0b2cc28939e5aecc166195d629442?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/22e0b2cc28939e5aecc166195d629442?s=96&d=mm&r=g","caption":"simplecode"},"url":"https:\/\/simplecode.com.vn\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=\/wp\/v2\/posts\/150"}],"collection":[{"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=150"}],"version-history":[{"count":21,"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=\/wp\/v2\/posts\/150\/revisions"}],"predecessor-version":[{"id":252,"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=\/wp\/v2\/posts\/150\/revisions\/252"}],"wp:attachment":[{"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/simplecode.com.vn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}