Skip to content

Instantly share code, notes, and snippets.

@AldeRoberge
Created September 22, 2025 19:16
Show Gist options
  • Save AldeRoberge/21b1c9e4cfd307ef24814978b6c5e36d to your computer and use it in GitHub Desktop.
Save AldeRoberge/21b1c9e4cfd307ef24814978b6c5e36d to your computer and use it in GitHub Desktop.
Useful Ubuntu Tips

Useful Ubuntu Tips

1. Check Open Ports

To see which ports are being used by your server:

sudo ss -tulnp

Notes:

  • 0.0.0.0:* → loopback (safe, local only)
  • [::]:* → open to all (public)

2. Keep the System Updated

Update package lists and upgrade all packages:

sudo apt update && sudo apt upgrade -y

3. Enable Automatic Security Updates

Install and configure unattended upgrades:

sudo apt install unattended-upgrades
sudo dpkg-reconfigure --priority=low unattended-upgrades

This ensures security updates are applied automatically.


4. Basic Firewall Setup

Use ufw (Uncomplicated Firewall) to manage firewall rules:

sudo ufw enable
sudo ufw status
sudo ufw allow ssh       # allow SSH access
sudo ufw allow 80/tcp    # allow HTTP
sudo ufw allow 443/tcp   # allow HTTPS

Tip: Always allow SSH before enabling ufw to avoid locking yourself out.


5. Monitor System Resources

Check CPU, memory, and disk usage:

top           # real-time CPU & memory
htop          # interactive, more user-friendly
df -h         # disk usage
free -h       # memory usage

Install htop if not available:

sudo apt install htop

6. Manage Services

Check status, start, stop, or restart services:

sudo systemctl status nginx
sudo systemctl start nginx
sudo systemctl stop nginx
sudo systemctl restart nginx
sudo systemctl enable nginx   # start on boot

7. Check Logs

View system logs for troubleshooting:

journalctl -xe          # system logs
sudo tail -f /var/log/syslog  # live system log

8. Secure SSH

  • Disable root login: edit /etc/ssh/sshd_configPermitRootLogin no
  • Use key-based authentication instead of passwords
  • Change default port for SSH (optional)

Restart SSH after changes:

sudo systemctl restart ssh

9. Fail2Ban for Brute-Force Protection

Install and enable fail2ban:

sudo apt install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Check status:

sudo fail2ban-client status

10. Useful Shortcuts

  • Ctrl + R → search command history
  • !! → repeat last command
  • !<number> → run command from history by number
  • tmux or screen → keep sessions running after disconnect
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment