Ubuntu 18.04 Initial Server Setup

ayekpleclemence

Ayekple Clemence

Posted on January 10, 2020

Ubuntu 18.04 Initial Server Setup

Ubuntu 18.04 Initial Server Setup for both Beginners and Advanced Users

Introduction

After installing Ubuntu 18.04 server, there are some steps you should take as part of the initial setup. These steps will increase the server security and give better user experience of your server. The aim of this article is to help you get Ubuntu 18.04 initial server setup.

Logging in as Root

To log into your server, you ought to know your server’s public IP address or the domain name address. You additionally need the password or an SSH key for authentication. Thus, the private key for the root user’s account.

Log in as the root user using the following command (substitute server_ip with your server’s public IP address):

ssh root@server_ip

If the authenticity appears on your screen accept the warning. If you are using a password to authenticate, then enter the root password to log in. You may be prompt to enter your passphrase if you are using an SSH key passphrase for authentication. You may also be prompt to change your password if that is the first time you are logging into the server with a password.

Update and Upgrade Ubuntu System

Use the following commands to download and install the latest packages. Separate the two commands with && and the command will run in succession. When prompted to install packages, press y and ENTER.

sudo apt update && sudo apt upgrade

To remove all locally downloaded packages, run the following commands

sudo  apt autoremove && sudo apt clean

Create New Account in Ubuntu

By default, the root account is disabled in Ubuntu as a security measure. But once you are in the system as root, you can now create a new user that you will use to login from now on. This account will also have the root privileges for administrative tasks in the system.

Setup a strong password to protect this account if you are using password authentication. This example creates a new user called fynn, replace this username with the name you want to use. Now, follow the adduser prompt to add the user details and password.

sudo adduser fynn

You will be asked to enter a new password. A password generator will be helpful if you are confused as to what password to use. Keep the password safe. Note when entering a password in Linux, there is no * asterisk or dots. It normally appears as though nothing is being typed.

Once you are done typing your password. Other details like contact information can be added after. You don’t really need to enter the contact details, just press Enter to leave at default.

Granting Administrative Privileges

Once you are done create the new user, superuser privileges can be given using the usermod command.

sudo usermod -aG sudo fynn

The parameter -aG means append to Group and sudo is the name of the superuser group the user is being added.

After running the above command, there will be no prompt or feedback. That is if there is no error in the command. Well, you can switch to the new account created fynn using the su command.

sudo su - fynn

Enter the password created earlier if prompted for a password.

Now that you have given superuser access to the new account created. Meaning the new user can perform actions with the superuser privilege by typing sudo before commands.

Basic Firewall Set Up

You cannot set up a system without firewall to make sure only services needed are allowed. Ubuntu 18.04 comes with ufw as default firewall which allows you to create an IPv4 or IPv6 host-based firewall.

Ubuntu server ufw firewall to manage the iptables rules on the server. Use the command below to check the status of the ufw firewall on Ubuntu.

sudo systemctl status ufw
sudo ufw status

Usually, ufw firewall rules are not applied by default in Ubuntu even though it is up and running. Other applications profiles are registered upon installation. These profiles allow ufw to manage the applications by name.

OpenSSH, the service that allow us to connect to the server remotely, now has its profile registered with ufw. Use the command below to list all the applications that has there profiles registered with ufw.

ufw app list

Moreover, before enabling ufw firewall policy, allow ssh traffic through the firewall via OpenSSH. That can be done by excuting the command below.

sudo ufw allow OpenSSH

Afterwards, the firewall can be enabled by the command below

sudo ufw enable

At a successful update, you should see “Rules updated”. If prompted with a warning, “Command may disrupt existing ssh connections” press y and Enter.

Now, check the status of the firewall using the following command

sudo ufw status

Listed is OpenSSH as one of the services allowed by ufw firewall.

Set Up SSH for Remote Access

Well, we have created a regular user for daily user, we now need to make sure the user can securely SSH into the server with the new account.

Password Authentication

At this stage, you can logged into the server using the password associated with the new account created. Now, SSH using the new user account by opening a new terminal session. Then, type the following command.

ssh fynn@server_ip

After entering the user’s password, you will be logged in. Remember, type sudo before command when you need administrative privileges.

sudo command_to_run

You will be prompt to enter the user’s password each time you use ssh to logged in to the server. Then, when using sudo before any command the first time you will have to enter the user’s password for each session.

SSH Key Authentication

This article is getting long for that matter I will be writing another article on how to set up SSH keys on Ubuntu 18.04.

Yet, in a situation where password authentication is no for SSH. Now, copy your local public key to the new user’s account to ~/.ssh/authorized_keys file to enable authentication without a password. You can copy your local public key to the new user’s account to ~/.ssh/authorized_keys file to be able to log in.

Finally, copy your ssh key to server using rsync. The command below uses rsync to copy the ssh key to the server.

rsync --archive --chown=fynn:fynn ~/.ssh /home/fynn

Now, you should be able to SSH with the created user account.

ssh fynn@server_ip

You will be prompt to enter the user’s password because of the SSH key. But remember, for administrative privileges add sudo before the command as shown below.

sudo command_to_run

You will have to enter the user’s password when using sudo.

Conclusion

At this stage, your Ubuntu server is now ready for installing additional software needed for your operation.

💖 💪 🙅 🚩
ayekpleclemence
Ayekple Clemence

Posted on January 10, 2020

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related