Once you get a Ubuntu 16.04 virtual machine, it is the time for you to set it up for further usage like accessing from the remote server and use the machine for hosting.
Most of the people are trying to figure out what are all the things they have to do with their new server before start using.
This will help you improve the security and add new elements to the machine.
How to Setup Ubuntu Server?
Setting up Ubuntu Server is the essential one. This Ubuntu server setup will guide you through the basics server setup steps.
Step 1 Login to the remote server
The first thing you have to do is log in to the remote system from your local machine. You might use different Operating systems.
If you use Windows OS to access your Ubuntu Machine, you have to install the Putty software in the Ubuntu Machine.
If you are using any Linux distributions, you can just use the terminal to log in to the remote system as the user.
How to login from windows.
Download the Putty software and install it on your Windows machine.
Now open the putty
It will ask you the IP address and Port Numer of the machine.
Enter the Virtual Machine IP address and Port Number as 22.
Click on open.
The software will connect you to the remote system and asks you enter the root name.
login as: root
The prompt will ask you to enter the root password.
root@IP Address's password:
Here, IP address will be your Servers IP address.
Enter your password.
Due to the security reasons, the password won't be displayed.
So, don't panic and keep typing your password and press enter.
Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-75-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Get cloud support with Ubuntu Advantage Cloud Guest: http://www.ubuntu.com/business/services/cloud 30 packages can be updated. 0 updates are security updates.
The above message will appear in your putty.
It means now you are logged in as the root user and perform the tasks.
If you are using Ubuntu Machine, Just Open the terminal and enter the following command.
local$ ssh root@server_ip_address.
You will be prompted for Username: Enter root and then you have to enter the password.
Now you will be logged into the server.
Why should you change the root?
Root User is the Administrative user of the Ubuntu. The one thing about the root user is it has all the privileges in the Ubuntu.
You can do any changes when you logged in as a root user.
This default user can destruct the OS if you misconfigure anything.
So, you have to create a new user and give its administrative access.
Once you create a new user, you have to add that to sudo user group which gives the new user with administrator privileges.
Once given the sudo permissions, you can execute the commands with administrator privileges by entering sudo in front of the command.
Step 2: Create New User
To create a new user, use the following command in Ubuntu.
# adduser rsk
Here, I have used my name. Now the user Selva will be created.
You will be asked some questions like below. Just answer them or leave it.
Just Press Enter to skip the questions.
# adduser rsk Adding user `rsk' ... Adding new group `rsk' (1001) ... Adding new user `rsk' (1001) with group `rsk' ... Creating home directory `/home/rsk' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for rsk Enter the new value, or press ENTER for the default Full Name : rskumar Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] y
One you enter all the details, you will be asked whether the given detail is correct or not.
Press Yand Enter.
Step 3 Add Root Privileges.
It is the time for you to make your user as a super user.
If you need to execute any commands, you have to be a root user otherwise you have to log out from the normal user and login to the root user.
Instead of that:
If you give administrator privileges to your new user, you can run commands which require administrator privileges to execute.
To do this, you have to add the user to the sudo group. By default, the user will be in their own group.
To see which group an user belongs to use "group" command.
# groups rsk
The output is
rsk : rsk
You can add them to sudo group using the following command.
# gpasswd -a rsk sudo Adding user rsk to group sudo
The user rsk is added to the sudo group. Now it can have sudo user privileges.
Step 4: Adding the Public Key Authentication
Now it is the time to enable the ssh authentication for the remote access.
Here you have to generate the private key and public key.
You need to generate public keys from your Local Ubuntu Machine using the following command.
If your local username is name1, then the output will look like the following.
$ ssh-keygen output Generating public/private rsk key pair. Enter file in which to save the key (/Users/name1/.ssh/id_rsa):
Press Enter to accept and save the key on the path or you can change the name.
You will be prompted for Passphrase to secure the key. You can enter the passphrase or skip it.
If you enter the passphrase, you will require both private key and public key while login.
If you skip it, you can just log in to the remote system without the passphrase.
Using passphrase is enhances the security.
This will generate the private key in id_rsa and public in id_rsa.pub in .ssh directory.
If you are using windows, you have to generate the key pairs through PUTTYgen.
Save private and public keys.
Open the public key and copy it.
There are two options available to add the public key to the remote server.
Option 1: Use ssh-copy-id
For this, you have to have the ssh-copy-id script installed on your machine.
So you can install the public key to any of the user which you have access.
Use the below command.
$ ssh-copy-id user@SERVER_IP_ADDRESS
Enter the user password and the public key will be installed at .ssh/authorized_keys on the remote server.
Now you can use the private key to login to the user.
Option 2: Manually Install the Key
In this method, you will copy the public key on the local machine.
Also, you have to create a .ssh directory and a file inside the machine.
Then you have to paste the public key to the file.
First, let us copy the public key from the local machine.
$ cat ~/.ssh/id_rsa.pub
Now, the output will show you the public SSH key.
id_rsa.pub contents ---- BEGIN SSH2 PUBLIC KEY ---- Comment: "rsa-key-20170502" AAAAB3NzaC1yc2EAAAABJQAAAQEAkEsyQi7NnNCOZ3xKKhTvsVNfZImnJr/L0usLvWY8bRbWZcVeRui8mWUFDhWsKhnqRmKvUybIPOnQ+aCUtE5A2hCWOip1vTocIuFJXXVvqVH359FeKEGoW5c/4ayh9Qv8PW73n83thZigju2shcJM7rZh4v7PiyC2M4sPMM2RnRiJzdN3EVHrhkArnozFTeRgjAgA5hCWFXO6ePcJ65QFRVhduIl2aO9uZecrXMutFgsp8uxHscmaekHJ7x4PH0hcD8qm/Vk8DgSCt54Lh8HaRrsgpySSRxYvlfx4aUGXTT06yi48FJM8riZQb97/wxxhrA5wuP5jA4PgnlicI7w5JQ==
---- END SSH2 PUBLIC KEY ----
Copy the public key to the clipboard.
Adding Public Key to the new remote user.
Here you have to add the Public key to the remote system's home directory by creating a file in it.
If you are root user and need to add the public key to the specific user, change to that user by using the below command.
$ su - username
Now create a directory called .ssh and set the permission through the following line.
$ mkdir .ssh $ chmod 700 .ssh
Create a new file called authorized_keys in the .ssh directory. Here we are using the nano editor.
$ nano .ssh/authorized_keys
Paste the Public key you copied. Press CTRL+X and Press Y to save it.
Let us restrict the permission to the authorized_keys file.
$ chmod 600 .ssh/authorized_keys
Type exit to return to the root user.
You can log in through SSH using the private key.
Step 5: Configure SSH Daemon
We are going to make a small modification to the SSH daemon configuration file disabling the remote SSH login to access the root user.
Open the SSH Daemon configuration file in nano editor using the following command as root user.
$ nano /etc/ssh/sshd_config
Look for the following line in the file.
/etc/ssh/sshd_config (before) PermitRootLogin yes
You can disable the root SSH login and we can access our server from a normal user account.
If we need any privileges, we can change it later.
Now, change the yes to no in the line.
/etc/ssh/sshd_config (after) PermitRootLogin no
You must disable the root SSH login on your server. It is important for security purpose.
Once you paste the root login, now its time to save and exit the file. Press CTRL+X and then Press Y.
Step 6: Reload the SSH.
We have made some changes, so now it's time to reload the SSH services to use the current configuration.
# service ssh restart
Don't log out from the server. Open a new terminal and establish a new connection to the server to check whether we could establish the new connection using the new configuration.
We have to log in as a new user instead of the root account.
Use the below command to log in to the new user by replacing your new username and IP address.
If you are using putty to connect your server, you have to ensure that the port number is appropriate to the current configuration to connect it.
Once you click open, you will be prompted for that user password. Just enter the password to log in to the new user.
If you need to run a command with sudo privileges, just add sudo in front of it.
$ sudo your command.
Once you are done with your work, you can just exit by typing exit.
You have learned how to create a new user and give them sudo privileges.
You also learned how to connect to your remote server from Ubuntu Terminal and Putty In Windows.
We have seen how to generate private and public keys and also seen how to add the public key to the server.
At last, we have seen how to disable the SSH root login.
This is the necessary basic setup for a server.
If you have any doubts regarding the server setup, please let us know in comments.