This article takes a lot of information from the tutorial here https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04. It is a good read, however, I am going to list the steps on the site as well, so you can just follow along here.
Now we need to connect to your droplet or VPS. To do so, I recommend downloading Putty. If you are running on a modern machine, you most likely have a 64 bit machine, so I recommend downloading all the tool by clicking on
putty-64bit-0.70-installer.msi. At this time, the version is 0.70. Once installed, you can utilize putty to connect to your server.
Update Your Server
This first thing you will want to do, is update your machine. You will most likely be logged in as the root user at this time. However, to get used to the
sudo command, I will be sudoing everything!
Now, type in the following commands to update your system
sudo apt update sudo apt upgrade
This will get your server setup to the latest and greatest versions and security fixes. Or at least hope it does 😀
Create New User
In Ubuntu 16.04 it is very easy to create a user. You simple put
adduser a space and than the username. In this example, I will be using my name.
sudo adduser joshua
You will be asked a few questions, starting with the account password. Make sure to enter a strong password. You also have the option to fill in any of the additional information if you would like. This is not required and you can just hit
ENTER in any field you wish to skip.
Please make sure to remember your password
Set User With Root Privileges
This is a super simple and super easy way to grant your user with SUPER POWERS!
usermod -aG sudo joshua
-aG in this means Add user to Group
sudo then the username in this case
joshua. Once logged in as the new user, you can do root privileged stuff by simply saying
sudo apt update or
sudo nano somefile.vue
Add Public Key Authentication
At this point you should already have a public key setup for root. If not, you need to get that done. If you would like, you can create a new key. You should still be in root. to switch users within the terminal, you can type in this:
This will log you into that user
joshua, of course you will want to log in with your user you created. Logging in to the new user you can then generate a new key for that user specifically. You do not need to do this, unless you will be setting up git, and want to connect to github or gitlab or bitbucket or whatever git repo you use. (Hopefully you use git and not SVN…) To generate a key you can run this command.
Just follow the prompts. if you have some trouble, post in the comments below and I will help you out! Now you will have your private key setup at
~/.ssh/id_rsa and public key will be at
~/.ssh/id_rsa.pub. You can then plug your public key into your git repo so you have access. You can output the key by running
A ~ means users root directory. This is set in a user file, but is defaulted to
/home/joshua/ where joshua is your username you are logged into. If you are logged into root, it would be a different folder. If logged into user greg, it would be
You are now going to want to add your key that you login with the server to your new user, so instead of logging in as root and running
su joshua to switch to that user, you can log directly into you user. I would first check and see if the file
authorized_keys exists, if not we can create the file. To check to see if the file exists simply run:
If you see
authorized_keys as one of the files, then it already exists and you can skip the creation of the file. To create the file run this:
touch ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys
To edit and put in your ssh key you can edit the file by running:
Add your key and save. I always hit
CTRL + X hit
ENTER. This should save the file.
Disable Password Authentication
This part is if it isn’t already disabled. Edit the SSHD config file:
sudo nano /etc/ssh/sshd_config
Set the following settings:
PasswordAuthentication no PubkeyAuthentication yes ChallengeResponseAuthentication no
Now restart SSHD
sudo systemctl reload sshd
At this point I would test logging into the user using putty. If all is successful, you can now celebrate that you have done all the boring stuff.
Part 4’s link will appear here once article is published! It will be a simple run down on Setting up your firewall. Need to keep those hackers out.