How do I setup my Linux server on Debian?

I screw around with my VMs so often that I actually have a bunch of bash scripts I run for quickly getting past the initial minimal setup process hassle. Rather than copying and pasting my entire script contents here, I thought it’d be more useful to list out all the commands and steps for future reference.

  1. Login via ssh. Replace ‘hostname’ with the provided server IP address and enter your root password.

    ssh [email protected]

  2. Update your system and install some essential software.

    apt-get update
    apt-get install sudo nano ufw
    apt-get upgrade

  3. The root user is the administrative user and has very broad privileges. Hence, it is generally discouraged to use it on a day-to-day basis.

    adduser lzy

    You will be prompted to set a password and enter some info but you can safely skip those. You might also want to replace ‘lzy’ with the actual username of your choice.

    Add the newly created user to the sudo group so you can actually perform actions which require superuser privileges.

    usermod -aG sudo lzy

  4. Set up a basic firewall with UFW:

    ufw allow OpenSSH
    ufw enable

    You can now log out of your VM.

  5. On your client machine (i.e. your computer) create a key pair and copy the public key to your server:

    ssh-copy-id -i ~/.ssh/ [email protected]

  6. You can now login to your server with your newly created user without entering the password:

    ssh [email protected]

  7. Once you’re able to login successfully with the user with sudo privileges, run the following commands to harden the ssh configuration:

    sudo sed -i '/PasswordAuthentication/c\PasswordAuthentication no' /etc/ssh/sshd_config
    sudo sed -i '/PubkeyAuthentication/c\PubkeyAuthentication yes' /etc/ssh/sshd_config
    sudo sed -i '/ChallengeResponseAuthentication/c\ChallengeResponseAuthentication no' /etc/ssh/sshd_config
    sudo systemctl reload sshd

There are probably plenty of other settings you can muck around to further harden the system but this is likely good enough for starters.

Have fun!