This post is a bit more techy. If that’s not something that interests you, sorry…but this is my blog so I get to decide what content is on here. I thought I would write a post detailing the process that I go through when I set up a new linux server (either a remote server or re-installing my Raspberry Pi…which I will actually be doing very soon, probably in less than 6 hours).

First of all, I use debian-based linux distros as it is what I am the most familiar with. I have never used CentOS, Fedora, or Arch. After logging in for the first time, as root, here’s what I do:

apt-get update  
apt-get install build-essential git weget nano ufw dnsutils curl fail2ban logwatch sshguard -y  
apt-get upgrade -y  
dpkg-reconfigure locales  
dpkg-reconfigure tzdata  
ufw allow 22/tcp  
ufw allow 443/tcp  
ufw allow 80/tcp  
ufw enable  

At the minimum, this is the list of software that I make sure are installed. I also setup a firewall as step one of my security procedures. I then setup my non-root user account.

 adduser joshua
 nano /etc/sudoers
 nano /etc/ssh/sshd_config

I give sudo access to the newly created user account. And then part 2 of my security procedures is to lock down ssh. I keep ssh on port 22, disable root login, and disable password login to login with an ssh key.

Finally, I like to setup a crontab to keep an eye on things with logwatch.

@weekly /usr/sbin/logwatch --output mail --mailto [email protected] --detail high --range '-7 days'  

This website and this website have been extremely helpful in helping me setup new servers.