PRG
  • Home
  • About
  • Contact
  • Blog
# Tutorial: Initial Server Setup with Ubuntu 22.04 ``` Prequisites: A server with Ubuntu 22.04 ``` ## 1: Initial Server Setup ### 1.1. Logging in as root Use the **server's public IP address** and log in as root. This can be done using the password or the private key for the **root** user's account if an SSH key is installed for authentication. * Using [Windows](https://docs.digitalocean.com/products/droplets/how-to/connect-with-ssh/openssh/) * Using [Linux/Mac OS](https://docs.digitalocean.com/products/droplets/how-to/connect-with-ssh/putty) Login as the **root** user using the following command using OpenSSH. Replace the highlighted ```server_ip``` bit of the command accordingly. ``` ssh root@your_server_ip ``` If a warning on the authenticity of the host is displayed, accept it. Enter your root password to log in if your server employs password authentication. When using a passphrase-protected SSH key, you might have to enter it each time you use the key during a session. You might also need to modify the root password if this is your first time login into the server with a password. If you get prompted to update the password, do as instructed. #### About Root In a Linux context, the administrator user with elevated rights is known as the root user. It is not recommended that you utilize the root account on a regular basis due to its elevated privileges. Even by accident, the root account has the ability to make extremely damaging modifications. The next action is to create a new user account for daily usage with less rights. We'll demonstrate later how to temporarily elevate your privileges for when you really need them. ### 1.2 Create New User Once logged in as root, create ```new_user``` account. All future login;s will be carried out under this user name. ``` adduser new_user ``` Following password creation, answer the standard question and follow the steps. ### 1.3 Granting Administrative Privileges A *superuser* or **root** priveleges will need to be provides to the ```new_user``` account to prevent logging out and logging in as root to run commands that require elevated access. These priveleges will allow the newly created user to run commands with administrative privelges using the word ```sudo``` before the command. This is done by adding the newly created user to the **sudo** system group. In Ubuntu 22.04, users who are members of this group are allowed to use sudo command. To do this, run the following command as root ``` usermod -aG sudo new_user ``` ### 1.4 Setup Firewall This is the most important step of the setup to ensure that only connections to certain services are allowed. #### UFW - Uncomplicated Firewall The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall. By default UFW is disabled. Enabling the ufw at server setup is a crucial step Installed apps can register their profiles with UFW upon installation. These profiles allow UFW to manager these applications by name. Examine the list of installed UFW profiles ``` ufw app list ``` ``` Output Available applications: OpenSSH ``` Before enabling the firewall, ensure that the firewall allows SSH connections for future login consideratons. Allow using the following command. ``` ufw allow OpenSSH ``` Enable the firewall by typing ``` ufw enable ``` Type ```y``` and click ```ENTER``` to proceed. You can see the SSH conenctions are still allowed by typing: ``` ufw status ``` ``` Output Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6) ``` The ooutput indicates that the firewall is blockling all connectiosn except SSH. If additional services are installed and additional setting are configured, firewall setting needs to be adjusted accordingly. Refer [documentation](https://help.ubuntu.com/community/UFW) for futher information. ### 1.5 Enabling External Access for New User Make sure that the ```new_user``` is is able to access the account for future use. Log out as root user and login as ```new_user``` and run the test sudo command to ensure access and priveleges. ``` ssh new_user@server_ip ``` Run the following sudo command ``` sudo apt update ``` The sudo apt update command is the most essential command in Linux to keep a system healthy and up-to-date. This command installs and downloads all the latest package information available for the packages currently installed on the system.
Copyright © Prajwal Ram Gowda 2023