Initial Ubuntu 14.04 Server Setup

So you just got a new VPS and/or dedicated server and you want to use it as a webserver, fileserver, mailserver or maybe even all of the above. Buy before you do any of that, you KNOW that you gotta harden the security on it right… rightt??? Of course you do… In this tutorial we are going to go through the steps of locking down a server out there on the internet and making it safe enough to host our applications.

Note: While I am writing this for ubuntu 14.04, it should be exactly the same for debian and any other debian based distro (including previous versions of ubuntu)

Step 1 – Login to the Server

Before we can start configuring we need to login to said server, to do this, assuming you have windows we can either download putty (easy and just works) or cygwin (my preferred option but you need to select ssh during installation). If you have linux or mac, just open up your ‘terminal’ and type

ssh root@192.168.1.1

Replace ‘192.168.1.1’ with your server’s ip address and ‘root’ with the login for your server, if you are unsure what your username is, leave it as root.

Accept whatever certificate it provides and enter your password when it prompts you for it.

Step 2 – Change the root Password

Now that we have logged into our server we want to immedieately change the root password, to do this we type

passwd

At the prompt enter and confirm your new password.

Step 3 – Change Default SSH Port

Now that we have changed out default password, to make it even more difficult for intruders we change the default ssh port. Open up config file
nano /etc/ssh/sshd_config

find the line that says

Port 22

and replace 22 with any number between 1000 and 65000 and is not already found in the TCP area of this wiki article.

Tip: to exit nano press Ctrl + Z. It will ask you to save.. type Y then enter to overwrite.

Step 4 – Reload SSH

To restart the ssh service type

service ssh restart

you can now logout of your server

logout

and relog with the command

ssh root@10.0.10.20 -p 4444

with 4444 being the port you previously chose.

Thats it for this tutorial, if you are still a bit paranoid about your server, we can secure it even more by installing denyhosts, or you can skip that and move on to Setting up an Ubuntu/Debian LAMP Server or maybe you would prefer to Setup a LEMP Server.

 

You may also like...

Leave a Reply