Last active
March 16, 2025 06:06
-
-
Save yasershahi/e2e6cfa3c0eb15932b3c7becd9b3cf9d to your computer and use it in GitHub Desktop.
Revisions
-
yasershahi revised this gist
Dec 16, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -97,7 +97,7 @@ easy connect: ssh server ``` Disable root login: ```sh sudo nano /etc/ssh/sshd_config ``` -
Dec 16, 2024 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Dec 16, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,146 @@ # Server Setup Instructions ## Login via SSH ```sh ssh root@IP # enter password and hit Return ``` ## Set the Hostname ```sh nano /etc/hostname ``` > **Note:** If the server has a domain, put the full domain name; otherwise, write a name of choice. Add the hostname in the hosts file with IP `127.0.1.1`: ```sh nano /etc/hosts ``` > **Tip:** If your hostname is a subdomain, add the subdomain with a space like: ``` 127.0.1.1 server.domain.com server ``` ## Set DNS Servers ```sh nano /etc/resolv.conf ``` In most cases: ``` nameserver 1.1.1.1 nameserver 8.8.8.8 ``` ## Enable TCP BBR ```sh nano /etc/sysctl.conf ``` ``` net.core.default_qdisc=fq net.ipv4.tcp_congestion_control=bbr ``` ```sh sysctl -p ``` ## Add a Local User ```sh adduser yaser ``` Add user to sudo group: ```sh usermod -aG sudo yaser ``` replace yaser! ## Update the Server ```sh apt update && apt dist-upgrade -y ``` Then reboot to apply changes: ``` reboot ``` ## Add SSH Keys to Server In local OS run: ```sh ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected] ``` Then connect: ``` ssh server.domain.com ``` or you can create a local config: ```sh nano .ssh/config ``` then add your server details ``` Host server HostName 123.586.789.012 User yaser ``` easy connect: ``` ssh server ``` Disable password authentication: ```sh sudo nano /etc/ssh/sshd_config ``` Set `PermitRootLogin` to `no`. Restart `ssh`: ```sh sudo systemctl restart ssh ``` > **Warning:** Before closing the terminal, open another terminal and verify that SSH is working. ### Set Timezone (Optional) ```sh sudo timedatectl set-timezone Asia/Tehran ``` ## Install Some Packages ```bash sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common htop git bash-completion rsync make zip -y ``` ## Set Up UFW for Ubuntu ```sh sudo apt install ufw -y ``` Allow necessary ports: ```sh sudo ufw allow 22/tcp sudo ufw allow 80 sudo ufw allow 443 ``` Enable UFW: ```sh sudo ufw enable ``` ## Install Fail2ban ```sh sudo apt install fail2ban ``` check the status ```sh systemctl status fail2ban ```