Log into your vps as
root as the password.
We're going to disable the root account for security, but first we need a user account for day-to-day use.
useradd -m <username>
Set the password for this user.
Add this user to the "sudo" group so that it can run commands as root.
usermod -aG sudo <username>
Log out and log back in as your new account, then disable the root account.
sudo passwd -dl root
ufw for simple firewall management.
sudo ufw enable
In your control panel at vps.sdf.org, note YOUR_IP (e.g. 18.104.22.168) on the top line, and YOUR_HOSTNAME (e.g. ubuntu99).
Delete the file
/etc/netplan/00-installer-config.yaml then create a new file
/etc/netplan/01-netcfg.yaml, open it in an editor and add the following, replacing the text YOUR_IP with the IP address from the previous step::
network: version: 2 renderer: networkd ethernets: eth0: dhcp4: no addresses: - YOUR_IP/24 gateway4: 22.214.171.124 nameservers: addresses: [126.96.36.199]
Save the file, then apply the config by running:
sudo netplan apply
Confirm that your IP is now assigned to your network interface:
Confirm that networking is functional:
Add this to /etc/hosts:
YOUR_IP YOUR_HOSTNAME.sdf.org YOUR_HOSTNAME
Change /etc/hostname to:
Pull latest package information.
sudo apt-get update
Apply all available updates.
sudo apt-get upgrade
sudo shutdown -r now
sudo apt-get install openssh-server
/etc/sshd/sshd_config and disable root login:
sudo systemctl restart sshd
Create a firewall rule to allow ssh connections. If you'll always be connecting from the same ip (eg. your home computer) you can create explicit rules to only allow that ip to connect. However, note that most ISPs do not assign static IPs, so if yours changes you'll need to log into the console and update your firewall.
sudo ufw allow from YOUR_HOME_IP/32 to any port 22
If you need to be able to connect from anywhere, allow 22 from anywhere.
sudo ufw allow 22
There are a few things that can be removed at this point to clean up your install to reduce resource use and protect your privacy.
When you type a command that's not found on your $PATH, Ubuntu will try to look it up and recommend packages to install that may be what you're looking for. This often means that instead of a quick error message, there is a delay before returning to a prompt. You can stop this behavior by removing the
sudo apt-get purge command-not-found
In the output you should see a message about a folder being left behind because it's non-empty. We can safely clean this up as well.
sudo rm -rRf /var/lib/command-not-found
python3-commandnotfound was a dependency for this tool that is no longer needed. You can have apt clear this with autoremove.
sudo apt autoremove
You may have noticed that on login, your MOTD contains a lot of information, some of which is dynamically generated from sources on the internet. One of these steps sends information about the machine to Ubuntu as part of the request for latest news. We can disable this in
You can take this further and move or delete the files found in
/etc/update-motd.d/ and optionally replace them with your own script. On login, Ubuntu will execute the scripts in this folder and display anything they send to stdout. You can also create
/etc/motd and any text in that file will be displayed after any output from your motd scripts.