My personal note to setup ubuntu server, my old note is in Quiver.
Before creating a droplet, make sure to select the SSH-KEY that is used login to server.
To generate new key, use this command and input the path you want to store the new key.
ssh-keygen
After creating a droplet, ssh into server using
ssh -i ~/.ssh/ssh_key root@server_ip
Create a new user, for example ubuntu
adduser ubuntu
Make ubuntu a sudoer so that ubuntu can be used instead of root
usermod -aG sudo ubuntu
Swap user to ubuntu and copy ssh public key to ~/.ssh/authorized_keys
su ubuntu
cd ~
mkdir .ssh
vim authorized_keys # paste the ssh public key here
exit # back to root user
exit again to close this session.
Try login using ubuntu user. If done correctly, there should be no password prompt.
ssh -i ~/.ssh/ssh_key ubuntu@server_ip
make ubuntu sudo without supplying password
sudo visudo
Add this line to the last part
ubuntu ALL=(ALL) NOPASSWD:ALL
ctrl+x y enter to exit the editor
exit to close the session.
SSH back in
ssh -i ~/.ssh/ssh_key ubuntu@server_ip
run sudo date there should be no password prompt.
Now disable root ssh login
sudo vim /etc/ssh/sshd_config
Change PermitRootLogin yes to PermitRootLogin no
Add a line AllowUsers ubuntu to allow ubuntu to login.
Then restart ssh.
sudo service ssh restart
Now exit to close session again and test logging back in to server.
ssh -i ~/.ssh/ssh_key ubuntu@server_ip
Finally
sudo apt update
sudo apt upgrade
NOTE: To change SSH Port from 22 to something else
sudo vi /etc/ssh/sshd_config
Change Port 22 to the port you want.
Restart SSH sudo service ssh restart and then to SSH, use
ssh -i ~/.ssh/ssh_key root@server_ip -p PORT
Done! Next, try using ansible to setup other softwares.
Also checkout firewall before using in production.
Top comments (2)
Great article, thanks for sharing!
In a next article you might one to share how to change the default port (22) to something more secure like 34982
Ok, I will add this.
Change
Port 22to the port you want.Restart SSH
sudo service ssh restartand then to SSH, use