Guide To Initial Server Setup on Ubuntu 20.04

Windows Articles

How to enable and disable SMB1/SMB2 in Windows 10

Hello! Windows 10 is an operating system that integrates various protocols to ensure its use with internal and external processes. Indeed, one...

Install Wine 5 on Debian 10

Hi, folks. In this post, I will help you install Wine 5 on Debian 10. Wine is one of...

Is ReactOS a real alternative to Windows?

Oh! The eternal struggle of computer operating systems. Windows vs. GNU/Linux and Mac as a distant spectator However, there are also interesting...

How to install Firebird on Ubuntu 20.04/ 18.04?

Database management systems are sufficient for many kinds of projects. Of course, they abound with MySQL / MariaDB or PostgreSQL popular but...

How to disable Firewall in Windows Server 2019/2016

Hello! The Firewall performs an essential security task on any version of Windows Server. In fact, it has the mission of preventing...

Today we are going to learn that how you can take initial steps to secure and harden your freshly installed Ubuntu 20.04 system in order to stay secure. Just follow the below guide to initial server setup on Ubuntu 20.04 to keep you away from attackers.

Step 1: Upgrade Your System

Make sure that you’ve the fresh updates and all packages are upgraded successfully. Run the below command to update and upgrade your Ubuntu 20.4.

sudo apt update && sudo apt upgrade -y

Step 2: Add User Account for Ubuntu 20.04

Make sure you’ve created a system user. Root user is not recommended for work on Ubuntu 20.04. Type the below command to add a user to the Server.

sudo adduser sysadmin

Then add this user to the sudo group by hitting the following command to attain sudo privileges.

sudo usermod -aG sudo sysadmin

Step 3: Enable Secure SSH Server

To enable secure SSH access, first of all change the default SSH port and also make sure to disable the remote root SSH login. Because default ports are open to attackers and they can easily try to get into your system. To do this edit the file /etc/ssh/ssh_config with your favorite editor.

Port 2222
PermitRootLogin no

Step 4: Set Key Based SSH On Ubuntu 20.04

We recommend you to prefer the key-base SSH login instead of using a password. Run the below command to generate the SSH key on Ubuntu 20.4.

ssh-keygen
sabi@Ubuntu:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/sabi/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/sabi/.ssh/id_rsa
Your public key has been saved in /home/sabi/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:lcgQhanDckHCU3qX0PrFpFqcwqMC0l9qU+n1JCPwGLg sabi@Ubuntu
The key's randomart image is:
+---[RSA 3072]----+
| ..++.o=. |
| +o+.++.. . |
| ..=.Xo*o o |
|o E.@.@ *.. |
|o = % +S= |
|. . * o . |
| . . . |
| |
| |
+----[SHA256]-----+

Then copy the new public key .ssh/id_rsa.pub file data to server ~/.ssh/authorized_keys file. For convenience, you can also run the following command.

ssh-copy-id -i ~/.ssh/id_rsa.pub sysadmin@remote.server.net

And login without any password.

ssh sysadmin@remote.server.net

Step 5: Configuring Firewall with FirewallD on Ubuntu 20.04

As firewalld is not installed on the Ubuntu 20.04 so install it by the following command.

sudo apt install firewalld

Then start and enable the firewalld services to take effect.

systemctl start firewalld
systemctl enable firewalld

As firewall only allow SSH access to remote users you may add other services as you needed. Here I’m going to add http and https the command will be like

firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https

Note: Firewall uses the /etc/services file to check the ports of the services. If some ports are not included in /etc/services, you can add like below.

firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --permanent --add-port=10000/tcp

You can reload the changes by typing

firewall-cmd --reload

To see a list of all the allowed services run

firewall-cmd --permanent --list-all

So, this is how you can take initial server setup to harden your system Ubuntu 20.04.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to enable and disable SMB1/SMB2 in Windows 10

Hello! Windows 10 is an operating system that integrates various protocols to ensure its use with internal and external processes. Indeed, one...

Install Wine 5 on Debian 10

Hi, folks. In this post, I will help you install Wine 5 on Debian 10. Wine is one of...

Is ReactOS a real alternative to Windows?

Oh! The eternal struggle of computer operating systems. Windows vs. GNU/Linux and Mac as a distant spectator However, there are also interesting...

How to install Firebird on Ubuntu 20.04/ 18.04?

Database management systems are sufficient for many kinds of projects. Of course, they abound with MySQL / MariaDB or PostgreSQL popular but...

How to disable Firewall in Windows Server 2019/2016

Hello! The Firewall performs an essential security task on any version of Windows Server. In fact, it has the mission of preventing...