====== Ubuntu on SDF VPS ====== {{:vps_-_ubuntu:8dd99b80-ubuntu-logo14.png?nolink&200|}} ===== Basics ===== Log into your vps as ''root'' using ''root'' as the password. We're going to disable the root account for security, but first we need a user account for day-to-day use. useradd -m Set the password for this user. passwd Add this user to the "sudo" group so that it can run commands as root. usermod -aG sudo Log out and log back in as your new account, then disable the root account. sudo passwd -dl root ===== Networking ===== Enable ''ufw'' for simple firewall management. sudo ufw enable In your control panel at vps.sdf.org, note YOUR_IP (e.g. 205.166.94.255) on the top line, and YOUR_HOSTNAME (e.g. ubuntu99). Delete the file ''/etc/netplan/00-installer-config.yaml'' then create a new file ''/etc/netplan/01-netcfg.yaml'', open it in an editor and add the following, replacing the text YOUR_IP with the IP address from the previous step:: network: version: 2 renderer: networkd ethernets: eth0: dhcp4: no addresses: - YOUR_IP/24 gateway4: 205.166.94.1 nameservers: addresses: [205.166.94.20] Save the file, then apply the config by running: sudo netplan apply Confirm that your IP is now assigned to your network interface: ip a Confirm that networking is functional: ping sdf.org Add this to /etc/hosts: YOUR_IP YOUR_HOSTNAME.sdf.org YOUR_HOSTNAME Change /etc/hostname to: YOUR_HOSTNAME ===== Updates ===== Pull latest package information. sudo apt-get update Apply all available updates. sudo apt-get upgrade Restart. sudo shutdown -r now ===== SSH ===== * Install SSH. sudo apt-get install openssh-server * Edit ''/etc/sshd/sshd_config'' and disable root login: PermitRootLogin no * Restart sshd. sudo systemctl restart sshd * Create a firewall rule to allow ssh connections. * If you'll always be connecting from the same ip (eg. your home computer) you can create explicit rules to only allow that ip to connect. However, note that most ISPs do not assign static IPs, so if yours changes you'll need to log into the console and update your firewall. sudo ufw allow from YOUR_HOME_IP/32 to any port 22 * If you need to be able to connect from anywhere, allow 22 from anywhere. sudo ufw allow 22 ==== Cleanup ==== There are a few things that can be removed at this point to clean up your install to reduce resource use and protect your privacy. When you type a command that's not found on your $PATH, Ubuntu will try to look it up and recommend packages to install that may be what you're looking for. This often means that instead of a quick error message, there is a delay before returning to a prompt. You can stop this behavior by removing the ''command-not-found'' package. sudo apt-get purge command-not-found In the output you should see a message about a folder being left behind because it's non-empty. We can safely clean this up as well. sudo rm -rRf /var/lib/command-not-found The package python3-commandnotfound was a dependency for this tool that is no longer needed. You can have apt clear this with autoremove. sudo apt autoremove You may have noticed that on login, your MOTD contains a lot of information, some of which is dynamically generated from sources on the internet. One of these steps sends information about the machine to Ubuntu as part of the request for latest news. We can disable this in ''/etc/default/motd-news''. ENABLED=0 You can take this further and move or delete the files found in ''/etc/update-motd.d/'' and optionally replace them with your own script. On login, Ubuntu will execute the scripts in this folder and display anything they send to stdout. You can also create ''/etc/motd'' and any text in that file will be displayed after any output from your motd scripts. ---- $Id: VPS_Ubuntu.html,v 1.6 2021/01/19 02:53:52 sully Exp $ [[http://sdf.org/?tutorials/VPS_Ubuntu|VPS_Ubuntu]] - traditional link (using [[wp>Revision_Control_System|RCS]])