Initial Server Setting of Ubuntu 18.04 - DigitalOcean

This is a note of the Ubuntu 18.04 server setup procedure.

I referred to Initial Server Setup with Ubuntu 18.04 .

SSH Login

1
$ ssh -i {YOUR_PRIVATE_KEY} root@{SERVER_IP_ADDRESS}

Basic Settings

Do the following with root.

update libraries by apt-get

1
2
# apt-get update
# apt-get dist-upgrade

reboot

After apt-get dist-upgrade, you need to reboot servers.

1
# reboot

SSH Settings for security

1
# vi /etc/ssh/sshd_config

Edit the following. Change port number of ssh.

1
2
PasswordAuthentication no
Port {SSH_PORT_NUMBER} ( 1024 to 65535 )

Restart sshd.

1
# service ssh restart

Check whether the SSH port number has been changed.

1
# lsof -i:{SSH_PORT_NUMBER}

Setting of ufw

Allow connections to port numbers set in / etc / ssh / sshd_config on ufw.

1
# vi /etc/ufw/applications.d/openssh-server

Change the “port number” on the last line.

1
2
3
4
[OpenSSH]
title=Secure shell server, an rshd replacement
description=OpenSSH is a free implementation of the Secure Shell protocol.
ports={SSH_PORT_NUMBER}/tcp

Enable ufw.

1
2
3
4
# ufw app list
# ufw allow OpenSSH
# ufw enable
# ufw status

Add user

1
# adduser {USER_NAME}

Enable added user to run sudo.

1
$ usermod -aG sudo {USER_NAME}

Add authorized_keys to the user.

1
2
3
4
5
$ cd
$ mkdir .ssh
$ chmod 700 .ssh
$ vi .ssh/authorized_keys # Paste authorized_keys
$ chmod 600 .ssh/authorized_keys

Disable ssh login with root.

1
$ vi /etc/ssh/sshd_config

PermitRootLogin * no .

1
PermitRootLogin no

Restart sshd.

1
$ sudo service ssh restart

Cloud Firewalls

On the Cloud Firewalls, you can only SSH login with SSH port number changed this time.