×
  • Shared Hosting

    Fast reliable and affordable cPanel Web Hosting from $2.99 per month.

  • Reseller Hosting

    Multiple websites? No problem with our multi-site hosting package. From $5.99 per month.

  • Annual Hosting

    Save money on web hosting by paying annually. Starting at $29.99 per year.

  • VPS Servers

    Need more power and resources? Choose our VPS server, only $7.99 per month.

  • FREE HOSTING PLAN

    Ideal for students and unemployed.

    Register

Initial VPS Account Setup Ubuntu 16.04

19/09/2017 | |0 comment

This short tutorial describes the things you really should be doing when you start working with new VPS ~ Virtual Private Server – Ubuntu 16.04

Create a Non-Root User Account and Public/Private SSH Keys for Security.

You will normally have a control panel that will allow you to install Ubuntu 16.04 server edition if it is not already pre-installed.

Make sure you have the following details available before you start.

Required:

  • SSH terminal – Mac and Linux come with the tools  required for ssh preinstalled installed.
    Windows users will need to install Putty, its free to download. Click here for putty download page.
  • VPS with Ubuntu 16.04 installed. This is easily done via your ISP’s Control Panel if it’s not already pre-installed.
    *ISP stands for Internet Service Provider is the company supplying your VPS
  • Root login details (Your ISP will have send you these details)
  • IP Address of your server

You will have ‘root’ user login details from your VPS provider.

You can ‘earn’ a self managed VPS from www.gigarocket.net with their Post 2 Host services. GigaRocket are a community of people worldwide who use their service for all kinds of websites and project. Very good resource of knowledge with a friendly and helpful. Simply post 25 quality posts per month with questions or answers . Sounds a lot but it’s surprisingly easy and glues the community together.

Logging in to your sever with ‘root’ account

  1. Open your Terminal (Putty terminal for Windows users)
  2. Log in. As in the description below: ssh is the program used to securely connect. root is the user account. Root user is like God, it can do anything. It’s dangerous having that kind of power, we’ll add your a sudo account soon. Sudo is like being Jesus. The dollar sign $ is the command prompt, it’s there to tell you it’s listening for your commands. You may see a hast prompt # instead. Same thing, it’s listening for commands.
  3. Press Enter to execute the command

Replace your_server_ip with the IP address your ISP has given you.

$ ssh root@your_server_ip

You should now have something akin to:

$ ssh root@107.34.50.51

After pressing enter, you’ll possibly get a warning about host authenticity:

The authenticity of host 
'124.70.91.250 (107.34.50.51)' can't be established.
ECDSA key fingerprint is 
SHA256:THsmUR++nPCSkfxlSe4olnNdHIELa0Tba0jDARZ1xhw

Are you sure you want to continue connecting (yes/no)? yes

If it appears like in the example above, type in yes as I have above ^^^^^^^

You will then need to enter your password that the ISP gave you.

If it is your first time logging into the server with a password, you will also be prompted to change the root password. Change it to something secure, I tend to throw in some symbols such as: $!*%

Create a New User Account

At the moment you’re logged in as Root so now we’ll create a normal user account. I’m adding ‘Bert‘ as a user.

# adduser bert

The command is adduser and the username is Bert – replace bert with your name.

You’ll be asked for a password. Make it strong. An example strong password is:

Hnds(0e%$”

I know it like something you’d never remember, so use a password manager for all your passwords. It’s the only way to be secure these days with password crackers and the like so easily available .

You could be creative and make something more memorable: “p4$5_w0rdz!” – we’ll harden our security shortly.

You be asked a few questions, you can simply press enter and leave these blank.

We’re going to give the new user bert some superuser privileges. Currently he is a normal mortal. This will allow bert user to run commands with administrative privileges by putting the word before each command and make him a Ubuntu Jesus (you can change to prefered deity)

# usermod -aG sudo bert

The usermod command modifies the user with ‘sudo’ rights. Heres your first sudo command, lets update your sources list (more about that in another tutorial)

# sudo apt-get update

this means that everything executed after the sudo command is run as the superuser (essentially root with a few differences)

This command updates the list of software sources, we’ll be installing various software on our server to make is useful. Things like web server software and a database, but more about that later.

You could, if you wanted, leave the server as it is, however, I would advise you to add another layer of security, especially if this vps is going to be running anything you care about.

How to Add Public Key Authentication (Using Linux or Mac Home Computers)

Follow the link at the end of this tutorial for instructions for adding RSA keys using a Windows home computer

The next step in securing your server is to set up public key authentication for your new user. Setting this up will increase the security of your server by requiring a private SSH key to log in.

Generate a Key Pair

We are assuming that you do not have a key pair. In this section, we are going to generate a public and private key pair, one for the remote vps and one for your home computer.

Only you, from your home computer will be able to log in to your server. You will have to take your private key on a memory stick and use that to authenticate from another computer.

To generate a new key pair, enter the following command at the terminal of your local machine (on your home computer):

$ ssh-keygen
Hit the enter key and the key pair will be generated
You’ll be asked where you want to save it. The default path is fine unless you have a special reason to change it. Just hit enter again.
Next, you will be prompted for a passphrase to secure the key with. You may either enter a passphrase or leave the passphrase blank.
I don’t bother, but it is even more secure if you do and either way is more secure than just a password without keys. If you do, make sure you remember it.
The Public Key needs to be uploaded to the server next

Copy Public Key to VPS

There are a few ways you can tackle this one, I’m going to go with the one tend to use myself.

One your local machine (the one you use from home) type the following command

$ ssh-copy-id bert@your_server_ip

You’ll be asked for your password at the prompt. Type it in and your public key will be added to the remote user’s .ssh/authorized_keys file of your VPS.

The private key on your local (home) machine can now be used to log into the server

Try it

$ ssh bert@your_server_ip

If all is well, you’ll be logged in and will have secured your VPS from you or anyone accidently or otherwise smiting your installation!

Well done.

Windows users can follow this digital ocean tutorial to achieve the same with Putty

Its here

#commandline #cli #ssh #root #secure #rsa #authentication #sudo

Submit your review
1
2
3
4
5
Submit
     
Cancel

Create your own review

Average rating:  
 0 reviews
blunderduck

Super hero, shop owner