Home  »  ArticlesGuidesHow ToSoftwareTechnologyTools   »   Initial Server Setup for Ubuntu 22.04 Systems

Initial Server Setup for Ubuntu 22.04 Systems

When you first create a new Ubuntu server, you should perform some important configuration steps that will increase the security and usability of your server and give you a good foundation usage of your system. In this tutorial we will focus on initial server setup for Ubuntu 22.04.

Initial Server Setup for Ubuntu 22.04

Step 1 — Creating a New User

When you first access your Ubuntu 22.04 server after installation, you will do so as root user. The root user is the administrative user in a Linux environment with elevated privileges. Because of that, users are discouraged from using it regularly.

To avoid destroying your Ubuntu system intentionally or worse, by accident we will be setting up a new user account with reduced privileges for every-day use, and increased privileges on a need-be basis.

Once you log in as root, you can add the new user account. In our examples going forward we will create a new user called ben. You can use a username that is more appropriate to you:

# adduser ben

Follow the prompts presented to your and remember to set a strong password. The information requested in the prompts are optional and can be skipped by simply pressing Enter.

Step 2 — Grant Administrative Privileges

The new user account (ben) is now available with regular account privileges. More often than not you will sometimes need to perform administrative tasks as the root user. It will be cumbersome to keep logging out of the current user to log in as root when the situation arises.

Ubuntu provides a more elegant way with superuser or root privileges for your user’s regular account. These privileges will allow your normal user to run commands with administrative privileges by prepending the word sudo before the command.

See also  Get Your Copy of the new Qt Creator 4.0.1 Release

There is a sudo system group that facilitates this feature. By default on Ubuntu 22.04, users who are members of the sudo group are allowed to use the sudo command.

As root, run this command to add your new user to the sudo group:

# usermod -aG sudo ben

From now on, When logged in as ben you can execute commands that require superuser privileges using the word sudo.

Step 3 — Set up a Firewall

In Ubuntu 22.04 servers you can use the UFW firewall to restrict connections to certain services through specific ports and IPs. UFW is ideal for setting up a basic firewall rules.

Some applications installed via apt register their profiles with UFW. These profiles allow UFW to manage these applications by name rather than specifying the default ports.

You can examine the list of installed UFW profiles by typing:

# ufw app list
Output
Available applications:
  OpenSSH

Here you can see that OpenSSH, the service that allows you to connect to your server using ssh has a profile registered with UFW. You will need to make sure that the firewall allows SSH connections so that you can log into your server next time from a remote terminal. Allow these connections by typing:

# ufw allow OpenSSH

Now, you can enable the firewall:

# ufw enable

You can now view which connections are allowed through your firewall by typing:

# ufw status
Output
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)

The output shows that the firewall is currently blocking all connections except for SSH through IPv4 and IPv6 addresses. When you install and configure other applications and services, you will need to repeat the same to adjust the firewall settings to allow the required traffic to your server targeting those services.

See also  Highlights From the Start of Facebook's F8 Developer Conference

Step 4 — Confirm External Access for Your Regular User

You may want to open a new terminal before signing out of root in case there is some misconfiguration you can fix things before proceeding.

SSH access for your new user depends on whether your server’s root account uses a password or SSH keys for authentication. This would have been set up during server installation.

When root Account Uses Password Authentication

If you logged in to your root account using a password then password authentication is already enabled for SSH. With your new regular user, you can SSH to your new user account in the new terminal session using this command:

$ ssh [email protected]_server_ip

Once logged in you can test the elevated administrative privileges using the following syntax, $ sudo command for example:

$ sudo apt update

You will be prompted for your regular user’s password when using sudo for the first time each session and periodically afterward when you have been idle for some time.

To enhance your server’s security, we strongly recommend setting up SSH keys instead of using password authentication.

When root Account Uses SSH Key Authentication

If you logged in to your root account using SSH keys, then password authentication is disabled for SSH. In that case the regular user will have to log in with an SSH key. You can do this by adding a copy of your local public key to your new user’s ~/.ssh/authorized_keys file.

This public key can be found in the root account’s ~/.ssh/authorized_keys file on the server. All you need to do is copy that file to the regular user’s home directory maintaining the directory structure, ownership, and permissions with one command using rsync.

# rsync --archive --chown=ben:ben ~/.ssh /home/ben

You may now open a new terminal session and log in using without a password:

$ ssh [email protected]_server_ip

Keep in mind that you will be prompted for the regular user’s password when escalating privilges using sudo.

See also  How to Enable or Disable HTML Form Elements Using jQuery

Conclusion

This is the initial server setup for Ubuntu 22.04 to lay as a foundation for making the best out of your server. sudo privileges allows you to install other services and application as well as update and upgrade your system from the regular user account.

Found this article interesting? Follow Brightwhiz on Facebook, Twitter, and YouTube to read and watch more content we post.

Share it!