My personal note to setup ubuntu server, my old note is in Quiver.
Before creating a droplet, make sure to select the SSH-KEY that is used login to server.
To generate new key, use this command and input the path you want to store the new key.
ssh-keygen
After creating a droplet, ssh into server using
ssh -i ~/.ssh/ssh_key root@server_ip
Create a new user, for example ubuntu
adduser ubuntu
Make ubuntu a sudoer so that ubuntu
can be used instead of root
usermod -aG sudo ubuntu
Swap user to ubuntu
and copy ssh public key to ~/.ssh/authorized_keys
su ubuntu
cd ~
mkdir .ssh
vim authorized_keys # paste the ssh public key here
exit # back to root user
exit
again to close this session.
Try login using ubuntu
user. If done correctly, there should be no password prompt.
ssh -i ~/.ssh/ssh_key ubuntu@server_ip
make ubuntu
sudo without supplying password
sudo visudo
Add this line to the last part
ubuntu ALL=(ALL) NOPASSWD:ALL
ctrl+x
y
enter
to exit the editor
exit
to close the session.
SSH back in
ssh -i ~/.ssh/ssh_key ubuntu@server_ip
run sudo date
there should be no password prompt.
Now disable root ssh login
sudo vim /etc/ssh/sshd_config
Change PermitRootLogin yes
to PermitRootLogin no
Add a line AllowUsers ubuntu
to allow ubuntu
to login.
Then restart ssh.
sudo service ssh restart
Now exit
to close session again and test logging back in to server.
ssh -i ~/.ssh/ssh_key ubuntu@server_ip
Finally
sudo apt update
sudo apt upgrade
NOTE: To change SSH Port from 22 to something else
sudo vi /etc/ssh/sshd_config
Change Port 22
to the port you want.
Restart SSH sudo service ssh restart
and then to SSH, use
ssh -i ~/.ssh/ssh_key root@server_ip -p PORT
Done! Next, try using ansible
to setup other softwares.
Also checkout firewall before using in production.
Top comments (2)
Great article, thanks for sharing!
In a next article you might one to share how to change the default port (22) to something more secure like 34982
Ok, I will add this.
Change
Port 22
to the port you want.Restart SSH
sudo service ssh restart
and then to SSH, use