Home Before I do anything on Linux, I do these first...
Post
Cancel

Before I do anything on Linux, I do these first...

Posted 2020-10-31 Updated 2022-08-05 2 min read

Before I do anything on Linux, I do these first...

After setting up my Linux servers, there are a few things I do before I use them for their intended purpose. This ranges from security, to tools, to config. Join me as we set up our first Linux server in this tutorial and walk through setting it up proper (and maybe some bonus items sprinkled in).

Watch Video

See all the hardware I recommend at https://l.technotim.live/gear

Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files.

Update

1
2
3

sudo apt-get update

sudo apt-get upgrade

Reconfigure unattended-upgrades

1

sudo dpkg-reconfigure --priority=low unattended-upgrades

Verify unattended upgrades configuration file in your text editor of choice

1

/etc/apt/apt.conf.d/20auto-upgrades

To disable automatic reboots by the automatic upgrades configuration edit the following file:

1

/etc/apt/apt.conf.d/50unattended-upgrades

and uncomment the following line by removing the leading slashes:

1

//Unattended-Upgrade::Automatic-Reboot "false";

Account

add user

1

sudo adduser someuser

add to sudoers

1

sudo usermod -aG sudo someuser

SSH Server

install

1

sudo apt-get install openssh-server

copy key from client to server

1

ssh-copy-id [email protected]

switch to key based auth

1

sudo nano /etc/ssh/sshd_config

Add these attributes

1
2

PasswordAuthentication no
ChallengeResponseAuthentication no

Networking

static IP

sudo nano /etc/netplan/01-netcfg.yaml

1
2
3
4
5
6
7
8
9
10
11

network:
  version: 2
  renderer: networkd
  ethernets:
    ens18:
     dhcp4: no
     addresses:
        - 192.168.0.222/24
     gateway4: 192.168.0.1
     nameservers:
       addresses: [192.168.0.4]

Install oh-my-zsh

1
2
3
4
5

sudo apt-get update
sudo apt-get install zsh
sudo apt-get install powerline fonts-powerline

sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

Fix LVM

1

sudo lvm

1

lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv

1

exit

1

sudo resize2fs /dev/ubuntu-vg/ubuntu-lv

hostname

1

sudo hostnamectl set-hostname

1

sudo nano /etc/hosts

Time Zone

Check time zone:

1

timedatectl

Change time zone:

1

sudo timedatectl set-timezone

You can also use if you want a menu.

1

sudo dpkg-reconfigure tzdata

NTP Time

1

sudo nano /etc/systemd/timesyncd.conf

1

NTP=192.168.0.4

1

sudo timedatectl set-ntp off

1

sudo timedatectl set-ntp on

install kvm agent

1

sudo apt-get install qemu-guest-agent

firewall

1

sudo  ufw default deny incoming

1

sudo ufw default allow outgoing

1

sudo ufw allow ssh

1

sudo ufw enable

fail2ban

1

sudo apt-get install fail2ban

1

sudo cp /etc/fail2ban/fail2ban.{conf,local}

1

sudo cp /etc/fail2ban/jail.{conf,local}

1

sudo nano /etc/fail2ban/jail.local

1

backend = systemd

check status

1

sudo fail2ban-client status

1

sudo fail2ban-client status sshd
homelab
homelab linux ubuntu
This post is licensed under CC BY 4.0 by the author.
Recently Updated
Contents