This post is a bit more techy. If that’s not something that interests you, sorry…but this is my blog so I get to decide what content is on here. I thought I would write a post detailing the process that I go through when I set up a new linux server (either a remote server or re-installing my Raspberry Pi…which I will actually be doing very soon, probably in less than 6 hours).

First of all, I use debian-based linux distros as it is what I am the most familiar with. I have never used CentOS, Fedora, or Arch. After logging in for the first time, as root, here’s what I do:

apt-get update  
apt-get install build-essential git weget nano ufw dnsutils curl fail2ban logwatch sshguard -y  
apt-get upgrade -y  
dpkg-reconfigure locales  
dpkg-reconfigure tzdata  
ufw allow 22/tcp  
ufw allow 443/tcp  
ufw allow 80/tcp  
ufw enable

At the minimum, this is the list of software that I make sure are installed. I also setup a firewall as step one of my security procedures. I then setup my non-root user account.

 adduser joshua
 nano /etc/sudoers
 nano /etc/ssh/sshd_config

I give sudo access to the newly created user account. And then part 2 of my security procedures is to lock down ssh. I keep ssh on port 22, disable root login, and disable password login to login with an ssh key.

Finally, I like to setup a crontab to keep an eye on things with logwatch.

@weekly /usr/sbin/logwatch --output mail --mailto [email protected] --detail high --range '-7 days'

This website and this website have been extremely helpful in helping me setup new servers.

Share this on: TwitterFacebookEmail


Joshua Casey is an introverted autistic that enjoys video games and passionate about advocating for human rights, free speech, privacy rights, autistic rights, climate change, and child sexual abuse prevention.
Comments

Feel free to comment below and have a discussion about this article.


Published

Last Updated

Category

Tech

Tags

Social Media