🐧 Ubuntu/Debian Server Setup
This guide covers the initial setup for Ubuntu and Debian-based servers.
System Update
# Update package lists
sudo apt update
# Upgrade all packages
sudo apt upgrade -y
# Install essential tools
sudo apt install -y curl wget git vim htop net-toolsCreate Admin User
# Create user
sudo adduser admin
# Add to sudo group
sudo usermod -aG sudo admin
# (Optional) Disable root login after setting up user
sudo passwd -l rootConfigure SSH
# Edit SSH config
sudo vim /etc/ssh/sshd_configRecommended settings:
# Disable root login
PermitRootLogin no
# Disable password auth (after setting up SSH keys)
PasswordAuthentication no
# Change port (optional)
Port 2222Apply changes:
sudo systemctl restart sshdFirewall (UFW)
# Enable UFW
sudo ufw enable
# Allow SSH
sudo ufw allow 2222/tcp
# Allow HTTP/HTTPS
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Check status
sudo ufw status verboseInstall Fail2Ban
# Install
sudo apt install fail2ban
# Create local config
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
# Edit config
sudo vim /etc/fail2ban/jail.localAdd/edit:
[sshd]
enabled = true
port = 2222
filter = sshd
maxretry = 3
bantime = 3600# Start and enable
sudo systemctl enable fail2ban
sudo systemctl start fail2banAutomatic Updates
# Install unattended-upgrades
sudo apt install unattended-upgrades
# Configure
sudo dpkg-reconfigure -plow unattended-upgradesVersion-Specific Notes
Ubuntu 22.04 LTS
# Check version
lsb_release -a
# Cloud-init (for cloud instances)
sudo apt install cloud-initUbuntu 24.04 LTS
# New features
# - Linux kernel 6.8
# - Python 3.12 default
# - Improved App ArmorNext: CentOS/RHEL Setup