Initial Setup Ubuntu Server 18.04

Once you get the ubuntu server 18.04 up and running, there are few basic configurations that you should do after the installation. And we would recommend for everyone to do this basic initial setup Ubuntu Server 18.04. Because it will improve the usability of your server, and most importantly improve the security of your server.

In this tutorial, we will show you a basic initial setup for Ubuntu Server 18.04. However, this guide can be applied to old ubuntu versions such as Ubuntu 16.04 or 14.04.

Update and Upgrade the System

Firstly, we need to ensure all default packages on the system is up to date. In particular, system update related the ubuntu security.

Update repositories and upgrade all packages by running following commands.

sudo apt update
sudo apt upgrade -y

Create New Admin User

After upgrading all packages, we will create a new admin user that have a privilege to become root or sudo. Because we will disable the default ‘root’ user from accessing the server.

For this example, we will create a new user called ‘mohammad’. And of course, you can replace it with your own username.

useradd -m -s /bin/bash mohammad

Now give the user a new strong password.

passwd mohammad

After that, grant the root/sudo privileges to new user ‘mohammad’ by adding the user to ‘sudo’ group. Run the following command.

usermod -a -G sudo mohammad

Improve SSH Security

This is one of the most important things about server security. For this example, we’re going to improve the SSH security by changing the default port, disable user root login, and enable ssh key-based authentication.

By changing the default port and disable root login, we can minimalism brute-force attack on ssh service. And by enabling the ssh key-based authentication make your server more secure.

For that purpose, we need to edit the ssh configuration ‘ssh_config’ on the ‘/etc/ssh/’ directory.

cd /etc/ssh
vim sshd_config

Change the default port with your own.

Port 2200

Now disable the root login by changing the ‘PermitRootLogin’ option value to no.

PermitRootLogin no

Save and close configuration, then restart the ssh service.

sudo systemctl restart sshd

After that, enable the ssh key-based authentication by generating the ssh key from the local computer and upload the public key to the server.

From the local computer, generate new ssh key using the following command.

ssh-keygen -t rsa -C 'mohammad key'

Detail options:

  • -t rsa – Key type RSA
  • -C – comment for the key

The public and private key will be available at the ~/.ssh directory.

Next, upload the public key to the server.

ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected] -p 2200

Type the password, and your public key will be uploaded at the ‘~/.ssh/authorized_keys’ directory on the server.

Now login to the server using the private key and the custom port.

ssh [email protected] -p 2200

As a result, you will be logged in to the with your ssh key instead of a password.

Setup UFW Firewall

If you’re on the production, it’s recommended to turn on the firewall. Because the firewall will make sure only connection to certain services is allowed. And for Ubuntu server, we can use the default firewall called ‘UFW’.

Firstly, we need to ensure all services running on the server and which ports are actually used. For this example, we only have the ssh service that runs on the custom port ‘2200’.

Add the custom ssh port to the ufw firewall.

sudo ufw allow 2200/tcp

After that, enable the ufw firewall by running the following command.

sudo ufw enable

As a result, only the ssh connection on port ‘2200’ allowed to the server.

Finally, initial setup Ubuntu Server 18.04 has been completed.