In this post you’ll see first things you need to do on Ubuntu server before you truly build and setup a working web server to host your domains and databases in it. In short, these steps are beginning setup you have to apply on Ubuntu even before you install Apache and any stack you wish.For this tutorial we are assuming that you already have fresh installed Ubuntu Server.
Upgrade Your System
First login to your Ubuntu server with root access and issue following command to upgrade all packages.
apt-get update apt-get upgrade
CHANGE DEFAULT ROOT PASSWORD
If you’ve defined the root password during OS install then you don’t need to do this step.
To change default root password use the following command:
passwd
Then you have to enter the new password twice. Upon typing your new password you may not see it on screen.
Add new user
Root is default client with all administrator privileges. Every single new server have the same default administrator username which is “root” so hackers can just constrain to crack the password since they definitely knew there is dependably a user called “root” there. Thus, it is extremely recommended for every server administrator to add new user to login and configure it with sudo access So that it can get all sudo privileges., Here’s the way how to add new client:
adduser cppl
here you have to define the new password for that new user, after that simply hit Enter several times leaving the questions blank.
CHANGE SSH DEFAULT PORT
Normally new server created should use port 22 for its SSH connection.Hence, it is strongly recommended for you to change that default port as default ports are always on attackers.
Edit OpenSSH configuration file /etc/ssh/sshd_config and do the following changes:
Port 4567
Also disable root login from SSH
PermitRootLogin no
Setup Key Based SSH
This is good to arrange your server to login with key based only and disable password login. Produce a key pair on your client framework.
ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/cppl/.ssh/id_rsa): /home/cppl/.ssh/id_rsa_10 Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/cppl/.ssh/id_rsa_10. Your public key has been saved in /home/cppl/.ssh/id_rsa_10.pub. The key fingerprint is: b8:78:02:69:a7:4a:92:e8:97:35:02:7e:ce:02:28:fc cppl@cppl The key's randomart image is: +--[ RSA 2048]----+ | | | | | | | . . . | |+ = . . S | |== * + . | |*.* * + | |+o E o | |..o | +-----------------+
Now copy generated public key .ssh/id_rsa.pub file content on server’s ~/.ssh/authorized_keys directory. You can use following command.
ssh-copy-id -i ~/.ssh/id_rsa.pub cppl@remote.server.net
Now login to server with SSH, It will not prompt for passw
ssh cppl@remote.server.net
That’s all, You have made the several changes, Now it is time to apply your changes by reloading SSH. To do that, simply use this command:
reload SSH
You ’ve set all basic requirements to setup a working server. Now you can proceed to further installation.