I've setup new servers more times than I can count. I thought I would write a post documenting what I do when I setup a new server. We will be logging in as root since this is our first time logging into the server.

apt-get update
apt-get upgrade
apt-get install fail2ban curl build-essential ufw logwatch nano dnsutils git
adduser USERNAME
nano /etc/sudoers
nano /etc/ssh/sshd_config
service ssh restart
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow {any-other-port-you-need-here}/tco
ufw enable
add this line to crontab: @weekly /usr/sbin/logwatch --output mail --mailto [email protected] --detail high --range '-7 days'

Other Miscellaneous things

Here are some additional, optional things.

Reconfiguring Locales

  • locale-gen "en_US.UTF-8"
  • dpkg-reconfigure locales

Reconfiguring Timezone

  • dpkg-reconfigure tzdata

How to setup Public Key Authentication with SSH

ssh-key -b 4096
Make sure you provide a passphrase when it asks you for one for extra security. When finished you can find your private and public keys in ~/.ssh. Your private key, using the default file name, is id_rsa. Your public key, using the default file name, is id_rsa.pub.

cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys


Sources:


Comments

comments powered by Disqus