How to setup a fresh Ubuntu VPS - Best Practices

Michael Schmidt
Published: Aug 17, 2024 by Michael Schmidt
How to setup a fresh Ubuntu VPS - Best Practices

Update Your Server #

Before doing anything else, make sure your server’s software is up to date. Run the following commands:

sudo apt update
sudo apt upgrade -y

This ensures that your system has the latest security patches and software updates.

Create a New User with Sudo Privileges #

For security purposes, it’s recommended to avoid using the root user for daily tasks. Instead, create a new user with sudo privileges:

sudo adduser yourusername
sudo usermod -aG sudo yourusername

Replace yourusername with your desired username. Now, you can switch to this user:

su - yourusername

Change the Default SSH Port #

Disclaimer, do this on a new server, or never do it! High chance that any mistake you will close out yourself from the server!

Changing the default SSH port from 22 to a non-standard port can reduce the chances of automated attacks:

sudo nano /etc/ssh/sshd_config

Find the line:

#Port 22

Uncomment it and change 22 to your preferred port number, for example, 2200:

Port 2200

Enable SSH Key Authentication #

  1. Add your public key to the VPS key store:
echo "your_public_key" >> ~/.ssh/authorized_keys

Check first that you can connect with SSH key!

  1. Disable password authentication by editing the SSH configuration file:
sudo nano /etc/ssh/sshd_config

Ensure the following lines are set:

PasswordAuthentication no
  1. Restart SSH to apply the changes:
sudo systemctl restart ssh

Keep Your Server Updated #

Regularly updating your server is one of the best ways to protect against vulnerabilities:

sudo apt update && sudo apt upgrade -y

You can also enable automatic updates:

sudo apt install unattended-upgrades
sudo dpkg-reconfigure --priority=low unattended-upgrades

This will automatically install security updates.