User Tools

Site Tools


vps_-_ubuntu

Ubuntu on SDF VPS

Basics

Log into your vps as root using root as the password.

We're going to disable the root account for security, but first we need a user account for day-to-day use.

useradd -m <username>

Set the password for this user.

passwd <username>

Add this user to the “sudo” group so that it can run commands as root.

usermod -aG sudo <username>

Log out and log back in as your new account, then disable the root account.

sudo passwd -dl root

Networking

Enable ufw for simple firewall management.

sudo ufw enable

In your control panel at vps.sdf.org, note YOUR_IP (e.g. 205.166.94.255) on the top line, and YOUR_HOSTNAME (e.g. ubuntu99).

Delete the file /etc/netplan/00-installer-config.yaml then create a new file /etc/netplan/01-netcfg.yaml, open it in an editor and add the following, replacing the text YOUR_IP with the IP address from the previous step::

/etc/netplan/01-netcfg.yaml
	network:
	  version: 2
	  renderer: networkd
	  ethernets:
	    eth0:
	      dhcp4: no
	      addresses:
	        - YOUR_IP/24
	      gateway4: 205.166.94.1
	      nameservers:
	        addresses: [205.166.94.20]

Save the file, then apply the config by running:

sudo netplan apply

Confirm that your IP is now assigned to your network interface:

ip a

Confirm that networking is functional:

ping sdf.org

Add this to /etc/hosts:

/etc/hosts
YOUR_IP     YOUR_HOSTNAME.sdf.org     YOUR_HOSTNAME

Change /etc/hostname to:

/etc/hostname
YOUR_HOSTNAME

Updates

Pull latest package information.

sudo apt-get update

Apply all available updates.

sudo apt-get upgrade

Restart.

sudo shutdown -r now

SSH

  • Install SSH.
     sudo apt-get install openssh-server
  • Edit /etc/sshd/sshd_config and disable root login:
    /etc/sshd/sshd_config
    PermitRootLogin no
  • Restart sshd.
     sudo systemctl restart sshd
  • Create a firewall rule to allow ssh connections.
    • If you'll always be connecting from the same ip (eg. your home computer) you can create explicit rules to only allow that ip to connect. However, note that most ISPs do not assign static IPs, so if yours changes you'll need to log into the console and update your firewall.
       sudo ufw allow from YOUR_HOME_IP/32 to any port 22
    • If you need to be able to connect from anywhere, allow 22 from anywhere.
       sudo ufw allow 22

Cleanup

There are a few things that can be removed at this point to clean up your install to reduce resource use and protect your privacy.

When you type a command that's not found on your $PATH, Ubuntu will try to look it up and recommend packages to install that may be what you're looking for. This often means that instead of a quick error message, there is a delay before returning to a prompt. You can stop this behavior by removing the command-not-found package.

sudo apt-get purge command-not-found

In the output you should see a message about a folder being left behind because it's non-empty. We can safely clean this up as well.

sudo rm -rRf /var/lib/command-not-found

The package python3-commandnotfound was a dependency for this tool that is no longer needed. You can have apt clear this with autoremove.

sudo apt autoremove

You may have noticed that on login, your MOTD contains a lot of information, some of which is dynamically generated from sources on the internet. One of these steps sends information about the machine to Ubuntu as part of the request for latest news. We can disable this in /etc/default/motd-news.

/etc/default/motd-news
ENABLED=0

You can take this further and move or delete the files found in /etc/update-motd.d/ and optionally replace them with your own script. On login, Ubuntu will execute the scripts in this folder and display anything they send to stdout. You can also create /etc/motd and any text in that file will be displayed after any output from your motd scripts.


$Id: VPS_Ubuntu.html,v 1.6 2021/01/19 02:53:52 sully Exp $ VPS_Ubuntu - traditional link (using RCS)

vps_-_ubuntu.txt · Last modified: 2021/04/02 19:05 by hc9