| .. | ||
| README.md | ||
First login
# Login into the VPS
ssh root@codespec.xyz
# Update packages
apt update && apt upgrade
# Enable automatic updates
apt install unattended-upgrades
dpkg-reconfigure unattended-upgrades
Add a new user
This is done so that you can disable loging in as root user.
# '-m' creates a home directory,
# '-s' assigns a shell (/bin/bash in this case),
# 'user' is the name you want to give it
useradd -m -s /bin/bash user
passwd user # Set a password for 'user'
Add 'user' to sudo group. This will allow to execute
commands as root, such as sudo apt update.
Some distros user 'wheel' group instead of 'sudo'
Run command visudo to check root enabled groups.
Debian, Ubuntu and derivatives usually use 'sudo'.
usermod -aG sudo user # Give 'user' sudo privileges
su - user # Login into 'user'
sudo apt update # Test that you have access to sudo
# Exit your server, you may need to run 'exit' twice.
exit
Configure SSH keypair
In your local machine:
ssh-keygen # Generate keypair
ssh-copy-id -i ~/.ssh/id_rsa.pub user@codespec.xyz # Copy to server
ssh user@codespec.xyz # Check it works
ONCE IN THE VPS:
sudo nano /etc/ssh/sshd_config
Make sure to configure as follows
(We only need to allow 'user', but
you can add multiple users as well):
PermitRootLogin no
AllowUsers user otheruser yetanotheruser
PasswordAuthentication no
UsePam no
Then, restart SSH daemon
systemctl restart sshd
Enable UFW
# Allow SSH before enabling,
# Will drop shell otherwise.
ufw allow 22
# Enable firewall
ufw enable