Beginner

Initial Server Setup on Ubuntu 23.04

Initial Server Setup on Ubuntu 23.04
0
(0)

Setting up a new server is an essential step in building a reliable and secure infrastructure. This guide will walk you through the process of performing an initial server setup on Ubuntu 23.04, covering all the necessary steps to get your server up and running smoothly. Eldernode offers an economically Ubuntu VPS Server, which you can check out the offered package to purchase it.

How to Perform Initial Server Setup on Ubuntu 23.04

Setting up a new server correctly is crucial for ensuring a reliable and secure infrastructure. By following best practices and implementing proper configurations, you can enhance the stability, performance, and security of your server. When setting up a new Ubuntu 22.04 server, there are several important configuration steps you should perform as part of the initial setup.

 

Perform-initial-server-setup-on-Ubuntu23.04

 

Recommended Article: How to Install Vaultwarden on Ubuntu 22.04

1- Login as Root

If you have installed an SSH key for authentication, you will also require the password or private key for the root user’s account. Firstly, you should log in to your Ubuntu 23.04 server as root as shown below:

ssh root@your_server_ip

Note: Replace the highlighted “your_server_ip” section of the command with the public IP address of your server.

If a warning about host authenticity appears, please accept it. In the case of password authentication on your server, provide your root password to log in. If you are using an SSH key with a passphrase, you may need to enter the passphrase the first time you use the key in each session. Additionally, if this is your initial login using a password, you might be required to change the root password. If prompted, follow the instructions provided to change the password.

To ensure your server is running the latest software packages, update the system. To do this, just run the following commands:

sudo apt update
sudo apt upgrade

2- Create a New sudo User

Once you successfully access the root account, you will have the capability to create a new user account. Going forward, you will utilize this newly created account for logging in, instead of using the root account:

adduser [desired username]

During the process, you will be prompted with a series of questions, beginning with the creation of the account password.

Please choose a robust password and, if desired, provide any additional information. It is important to note that supplying additional information is not obligatory, and you can simply press ENTER to skip any field.

Congratulations! You now possess a fresh user account with standard privileges. Nonetheless, there will be instances where you’ll require administrative capabilities similar to the root user.

You can configure what is referred to as superuser or root privileges for your regular user account. This configuration will empower your normal user to execute commands with administrative privileges by prepending the command with the word “sudo”.

To grant these privileges to your newly created user, you must add the user to the sudo system group. In Ubuntu 23.04, users belonging to the sudo group are granted permission to utilize the sudo command by default.

usermod -aG sudo [desired username]

From now on, you can prefix the commands with “sudo” while logged in as your regular user to execute them with superuser privileges. This will enable you to perform administrative tasks without the need to switch to the root user.

3- Setup a Firewall

Ubuntu 23.04 servers have the capability to utilize the UFW firewall, which enables the restriction of connections to specific services. This application can be employed to establish a straightforward firewall configuration.

Upon installation, applications have the ability to register their profiles with UFW. These profiles facilitate UFW in managing the applications by their respective names. OpenSSH, the service responsible for server connectivity, has a registered profile with UFW.

To check the list of installed UFW profiles, enter the command below:

ufw app list

Allow SSH connections from the Firewall to be able to log into your server next time:

ufw allow OpenSSH

In the next step, enable the firewall using the command below:

ufw enable

To check if SSH connections are allowed or not, enter the following command:

ufw status

The firewall is presently set to block all connections except for SSH. In the event that you install and configure additional services, it will be necessary to modify the firewall settings to permit the new traffic to your server.

4- Enable External Access for Regular Users

It is crucial to ensure that you can directly SSH into the account. The process of configuring SSH access for your new user depends on whether your server’s root account employs a password or SSH keys for authentication.

– Root Account Uses Password Authentication

If you logged into your root account using a password, it indicates that password authentication is enabled for SSH. To access your new user account via SSH, use the SSH command with your new username to establish the connection:

ssh [desired username]@[server_ip_address]

Replace [desired username] with your actual new username and [server_ip_address] with the IP address or hostname of the server you are connecting to.

Once you have entered your regular user’s password, you will be successfully logged in. It’s important to note that if you need to execute a command with administrative privileges, you should prefix it with “sudo” as follows:

sudo command_to_run

– Root Account Uses SSH Key Authentication

If you have logged in to your root account using SSH keys, then SSH password authentication is disabled. To log in as your regular user using an SSH key, you need to add a copy of your local public key to the following file of your new user:

~/.ssh/authorized_keys

As your public key is already present in the ~/.ssh/authorized_keys file of the root account on the server, you can easily replicate that file and directory structure to your new user account within your existing session.

A straightforward method to copy the files while preserving ownership and permissions is by utilizing the rsync command. This command enables you to copy the .ssh directory of the root user, maintain the permissions, and modify the file owners, all within a single command. Please ensure to modify the highlighted sections of the command below to correspond with your regular user’s name:

rsync --archive --chown=[desired username]:[desired username] ~/.ssh /home/[desired username]

Next, use SSH with your new username as shown below:

ssh [desired username]@your_server_ip

Once you have completed the steps, you should be able to establish a passwordless connection to your server using the new user account. Keep in mind that if you need to execute a command with administrative privileges, you can prefix it with “sudo” like the following:

sudo command_to_run

This will allow you to run the specified command with the necessary administrative privileges.

That’s it! We also provided articles that explain the initial server setup on Ubuntu 21.04 and Ubuntu 22.04, read them if needed.

Recommended Article: Tutorial Setup And Configure Nessus On Ubuntu 20.10

Conclusion

By following this comprehensive guide, you have successfully completed the initial server setup on Ubuntu 23.04. These steps lay a strong foundation for a secure and well-functioning server, ensuring the stability and protection of your infrastructure. If you encounter any problems during the setup process, you can contact us in the Comments section.

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

View More Posts
Marilyn Bisson
Content Writer
Eldernode Writer
We Are Waiting for your valuable comments and you can be sure that it will be answered in the shortest possible time.

    Leave Your Comment

    Your email address will not be published.

    We are by your side every step of the way

    Think about developing your online business; We will protect it compassionately

    We are by your side every step of the way

    +8595670151

    7 days a week, 24 hours a day