Skip to content

Instantly share code, notes, and snippets.

@rfdez

rfdez/setup_linux_server.md

Last active June 29, 2023 18:37
Show Gist options
  • Save rfdez/7672e74c857c4359de56572320458940 to your computer and use it in GitHub Desktop.
Save rfdez/7672e74c857c4359de56572320458940 to your computer and use it in GitHub Desktop.
Download ZIP
First steps on a linux server
Raw
setup_linux_server.md

First steps on a linux server

Update the system

Run sudo apt update and sudo apt full-upgrade to update the system.

Change the root password

  1. Connect to the server with SSH. Change the user to root with the command sudo su -.
  2. Run passwd to change the default password.

Disable the default account

  1. Create a new user account with the command sudo adduser <username>.
  2. Give the user the sudo privilege with the command sudo adduser <username> sudo.
  3. Delete the default user account with the command sudo deluser -remove-home <default username>.

Make sudo require a password

  1. In a terminal window, run sudo visudo.
  2. Add the following line to the end of the file: 
    YOUR_USERNAME_HERE ALL=(ALL) PASSWD: ALL

Change the hostname

  1. Run this command: sudo hostname new-server-name-here.
  2. Edit the /etc/hostname file and update hostname.
  3. Edit the /etc/hosts file and update the lines that reads your old-host-name.

SSH

Prevent root login

  1. Open the /etc/ssh/sshd_config file with a text editor.
  2. Set the following line to no: 
    PermitRootLogin no
  3. Restart the SSH service with sudo service ssh restart.

Key-Based Authentication

⚠️ Important: Before that change is made, you must copy the SSH key from your computer to the server. For example, you can use the following command: ssh-copy-id -i ~/.ssh/id_rsa.pub YOUR_USERNAME_HERE@YOUR_SERVICE_HERE.

Change this line in the SSH configuration file we saw before:

PasswordAuthentication no

Change the default port

🗒️ NOTE: Note that the ports numbered 0-1023 are reserved for privileged services. Hence, it is best to use a port ranging from 49152 to 65535.

  1. Open the /etc/ssh/sshd_config file with a text editor.
  2. Insert the following line, if it already exists, replace it with the following line: 
    Port 1111
  3. Restart the SSH service with sudo service ssh restart.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment