Guide To Initial Server Setup on Ubuntu 20.04

Windows Articles

How to update apps on Android

Hi folks! In this post, we will show you how to update your Android apps. Updating the apps on your device is...

How to install Apache Ant on Ubuntu 20.04?

Hello, friends. Apache Ant is a very important tool for the development of applications in Java. So in this post, we will...

How to use the ss command

For Linux users, there will come a time when you need to know about the network. Several tools help in this process,...

How to create user template in Windows Server 2019/2016

Hello! Windows Server has many features that support system administration. For example, through the users it is possible to manage many administrative...

Debian 10.6 available

Several volunteers have developed the free software distributed under the name of Debian. Debian does not sell its software directly, the developers...

Today we are going to learn that how you can take initial steps to secure and harden your freshly installed Ubuntu 20.04 system in order to stay secure. Just follow the below guide to initial server setup on Ubuntu 20.04 to keep you away from attackers.

Step 1: Upgrade Your System

Make sure that you’ve the fresh updates and all packages are upgraded successfully. Run the below command to update and upgrade your Ubuntu 20.4.

sudo apt update && sudo apt upgrade -y

Step 2: Add User Account for Ubuntu 20.04

Make sure you’ve created a system user. Root user is not recommended for work on Ubuntu 20.04. Type the below command to add a user to the Server.

sudo adduser sysadmin

Then add this user to the sudo group by hitting the following command to attain sudo privileges.

sudo usermod -aG sudo sysadmin

Step 3: Enable Secure SSH Server

To enable secure SSH access, first of all change the default SSH port and also make sure to disable the remote root SSH login. Because default ports are open to attackers and they can easily try to get into your system. To do this edit the file /etc/ssh/ssh_config with your favorite editor.

Port 2222
PermitRootLogin no

Step 4: Set Key Based SSH On Ubuntu 20.04

We recommend you to prefer the key-base SSH login instead of using a password. Run the below command to generate the SSH key on Ubuntu 20.4.

ssh-keygen
sabi@Ubuntu:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/sabi/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/sabi/.ssh/id_rsa
Your public key has been saved in /home/sabi/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:lcgQhanDckHCU3qX0PrFpFqcwqMC0l9qU+n1JCPwGLg sabi@Ubuntu
The key's randomart image is:
+---[RSA 3072]----+
| ..++.o=. |
| +o+.++.. . |
| ..=.Xo*o o |
|o E.@.@ *.. |
|o = % +S= |
|. . * o . |
| . . . |
| |
| |
+----[SHA256]-----+

Then copy the new public key .ssh/id_rsa.pub file data to server ~/.ssh/authorized_keys file. For convenience, you can also run the following command.

ssh-copy-id -i ~/.ssh/id_rsa.pub sysadmin@remote.server.net

And login without any password.

ssh sysadmin@remote.server.net

Step 5: Configuring Firewall with FirewallD on Ubuntu 20.04

As firewalld is not installed on the Ubuntu 20.04 so install it by the following command.

sudo apt install firewalld

Then start and enable the firewalld services to take effect.

systemctl start firewalld
systemctl enable firewalld

As firewall only allow SSH access to remote users you may add other services as you needed. Here I’m going to add http and https the command will be like

firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https

Note: Firewall uses the /etc/services file to check the ports of the services. If some ports are not included in /etc/services, you can add like below.

firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --permanent --add-port=10000/tcp

You can reload the changes by typing

firewall-cmd --reload

To see a list of all the allowed services run

firewall-cmd --permanent --list-all

So, this is how you can take initial server setup to harden your system Ubuntu 20.04.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to update apps on Android

Hi folks! In this post, we will show you how to update your Android apps. Updating the apps on your device is...

How to install Apache Ant on Ubuntu 20.04?

Hello, friends. Apache Ant is a very important tool for the development of applications in Java. So in this post, we will...

How to use the ss command

For Linux users, there will come a time when you need to know about the network. Several tools help in this process,...

How to create user template in Windows Server 2019/2016

Hello! Windows Server has many features that support system administration. For example, through the users it is possible to manage many administrative...

Debian 10.6 available

Several volunteers have developed the free software distributed under the name of Debian. Debian does not sell its software directly, the developers...