DEV Community

SaKKo
SaKKo

Posted on • Edited on

How I setup my Digital Ocean Ubuntu 20.04 Server?

My personal note to setup ubuntu server, my old note is in Quiver.

Before creating a droplet, make sure to select the SSH-KEY that is used login to server.

To generate new key, use this command and input the path you want to store the new key.

ssh-keygen
Enter fullscreen mode Exit fullscreen mode

After creating a droplet, ssh into server using

ssh -i ~/.ssh/ssh_key root@server_ip
Enter fullscreen mode Exit fullscreen mode

Create a new user, for example ubuntu

adduser ubuntu
Enter fullscreen mode Exit fullscreen mode

Make ubuntu a sudoer so that ubuntu can be used instead of root

usermod -aG sudo ubuntu
Enter fullscreen mode Exit fullscreen mode

Swap user to ubuntu and copy ssh public key to ~/.ssh/authorized_keys

su ubuntu
cd ~
mkdir .ssh
vim authorized_keys  # paste the ssh public key here
exit  # back to root user
Enter fullscreen mode Exit fullscreen mode

exit again to close this session.

Try login using ubuntu user. If done correctly, there should be no password prompt.

ssh -i ~/.ssh/ssh_key ubuntu@server_ip
Enter fullscreen mode Exit fullscreen mode

make ubuntu sudo without supplying password

sudo visudo
Enter fullscreen mode Exit fullscreen mode

Add this line to the last part

ubuntu ALL=(ALL) NOPASSWD:ALL
Enter fullscreen mode Exit fullscreen mode

ctrl+x y enter to exit the editor

exit to close the session.

SSH back in

ssh -i ~/.ssh/ssh_key ubuntu@server_ip
Enter fullscreen mode Exit fullscreen mode

run sudo date there should be no password prompt.

Now disable root ssh login

sudo vim /etc/ssh/sshd_config
Enter fullscreen mode Exit fullscreen mode

Change PermitRootLogin yes to PermitRootLogin no

Add a line AllowUsers ubuntu to allow ubuntu to login.

Then restart ssh.

sudo service ssh restart
Enter fullscreen mode Exit fullscreen mode

Now exit to close session again and test logging back in to server.

ssh -i ~/.ssh/ssh_key ubuntu@server_ip
Enter fullscreen mode Exit fullscreen mode

Finally

sudo apt update
sudo apt upgrade
Enter fullscreen mode Exit fullscreen mode

NOTE: To change SSH Port from 22 to something else

sudo vi /etc/ssh/sshd_config
Enter fullscreen mode Exit fullscreen mode

Change Port 22 to the port you want.

Restart SSH sudo service ssh restart and then to SSH, use

ssh -i ~/.ssh/ssh_key root@server_ip -p PORT
Enter fullscreen mode Exit fullscreen mode

Done! Next, try using ansible to setup other softwares.
Also checkout firewall before using in production.

Top comments (2)

Collapse
 
cescquintero profile image
Francisco Quintero 🇨🇴

Great article, thanks for sharing!

In a next article you might one to share how to change the default port (22) to something more secure like 34982

Collapse
 
sakko profile image
SaKKo

Ok, I will add this.

sudo vi /etc/ssh/sshd_config

Change Port 22 to the port you want.

Restart SSH sudo service ssh restart and then to SSH, use

ssh -i ~/.ssh/ssh_key root@server_ip -p PORT