SECURE VPS
check if there are any login attempts from outside:
tail -n 10 -f /var/log/auth.log
definition:
ssh: secure shell, a program and protocol for securely logging in to and running programs on remote machines across a network
Login to VPS via SSH
ssh root@your-ip-address
Update Package Lists and Upgrade Packages
sudo apt update
sudo apt upgrade
Check if Reboot is needed
ls /var/run/reboot-required
if the output is /var/run/reboot-required then a reboot is required; run "reboot"
Change root password
passwd
create non root user
type id in the terminal… if the output is uid=0(root) then you are the root user.
adduser username
it will ask for a password… add one
allow superuser privileges
usermod -aG sudo username
sudo su - username
to switch to newly created user
login as non-root user
ssh username@your-ip-address
and run commands with sudo for root privileges
sudo stands for super user do
login with SSH key
make sure you are in the local machine
create a new ssh key
https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
check the ssh public key
cat .ssh/id_ed25519.pub
to check the private key
cat .ssh/id_ed25519
add the public key to the vps server…
login to the VPS…and check the current directory
pwd
create new directory named .ssh
mkdir .ssh
create a file named authorized_keys
nano .ssh/authorized_keys
paste and save the public ssh key here next time
disable password login
if you want to allow ssh login from multiple local computers, perform the same steps as before on each one: add an ssh key to the local machine and then add it to the vps server…
- go to the file
sudo nano /etc/ssh/sshd_config
- scroll down to PasswordAuthentication and set it to no.
- there is another config file to update
sudo nano /etc/ssh/sshd_config.d/cloud-init.conf
- restart the ssh service
sudo service ssh restart
disable root login
- go to the file
sudo nano /etc/ssh/sshd_config
- scroll down to PermitRootLogin and set it to no.
- restart the ssh service
sudo service ssh restart
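Why the second config file matters, as an added example that is not part of the original notes: sshd keeps the first value it reads for each keyword, so when sshd_config starts with an Include of sshd_config.d/*.conf (assumed here), a drop-in such as cloud-init.conf overrides the main file. The script resolves the effective value over a constructed config tree; flatten, effective and make_sample are names made up for this example.

```shell
#!/bin/sh
# Added example, not from the original notes. sshd uses the FIRST value it
# reads for each keyword, and Include lines are expanded in place, so a
# drop-in included at the top of sshd_config overrides later lines.
# Assumptions: whitespace-separated "Keyword value" lines, no Match blocks.

# flatten FILE: print directives in the order sshd would read them.
flatten() {
    [ -r "$1" ] || return 0
    while read -r key rest || [ -n "$key" ]; do
        case $key in ''|'#'*) continue ;; esac
        if [ "$(printf %s "$key" | tr '[:upper:]' '[:lower:]')" = include ]; then
            for inc in $rest; do            # unquoted so the glob expands
                case $inc in /*) ;; *) inc=/etc/ssh/$inc ;; esac
                flatten "$inc"
            done
        else
            printf '%s %s\n' "$key" "$rest"
        fi
    done < "$1"
}

# effective KEYWORD MAIN_CONFIG: value sshd would use (keywords are
# case-insensitive); prints nothing if the keyword is never set.
effective() {
    flatten "$2" | awk -v k="$1" \
        'tolower($1) == tolower(k) { print $2; exit }'
}

# make_sample: build a constructed config tree shaped like the one in the
# notes (main file plus sshd_config.d/cloud-init.conf) and print its path.
make_sample() {
    d=$(mktemp -d) && mkdir "$d/sshd_config.d" || return 1
    printf '%s\n' "Include $d/sshd_config.d/*.conf" \
        '#PasswordAuthentication yes' \
        'PasswordAuthentication no' \
        'PermitRootLogin no' > "$d/sshd_config"
    printf 'PasswordAuthentication yes\n' > "$d/sshd_config.d/cloud-init.conf"
    printf '%s\n' "$d"
}

sample=$(make_sample)
for kw in PasswordAuthentication PermitRootLogin; do
    printf '%-24s %s\n' "$kw" "$(effective "$kw" "$sample/sshd_config")"
done
rm -rf "$sample"
# -> PasswordAuthentication yes (the drop-in wins), PermitRootLogin no
```

On a real server, sudo sshd -T prints the configuration the daemon actually resolved, so check that output for passwordauthentication and permitrootlogin after each change.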
network and firewall policy
do it with ufw
Change default SSH port
- go to the file
sudo nano /etc/ssh/sshd_config
- there you will find the default port for ssh
Restrict port access to specific IP
same as above
Enable and configure automatic updates
sudo apt install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades
https://github.com/mvo5/unattended-upgrades?tab=readme-ov-file#supported-options-reference
check if the service is running
sudo systemctl status unattended-upgrades
Cloud Config
When ordering a VPS, you can choose from one of four different installation options. One of the options available is to use a cloud config file.
With a cloud-config file you can automatically adjust the configuration of a Linux server after the installation process: During the first boot of your server, a program called cloud-init reads the data in the cloud-config file and adjusts the configuration based on this file to your wishes. For example, you can create users, set passwords, add SSH keys, add repositories, install packages and much more.
docs : https://cloudinit.readthedocs.io/en/latest/reference/examples.html
sample: https://gist.github.com/w3cj/cdd447b1a10ce741e4ee968fa6b75553
or we can follow all the steps one by one described above
Use a VPN to connect to a VPS
explore OpenVPN, WireGuard services
Configure 2FA on ubuntu
doc link: https://ubuntu.com/tutorials/configure-ssh-2fa#1-overview
ban hosts that cause multiple authentication errors
doc link: https://github.com/fail2ban/fail2ban
The image shows that your server is receiving multiple unauthorized login attempts, likely from bots or malicious users trying to gain access to your system. This is commonly referred to as “brute-force attacks.” Here’s how you can secure your server and stop these login attempts:
1. Install Fail2ban:
Fail2ban is a tool that scans your logs for suspicious login attempts and blocks IP addresses after a certain number of failed login attempts.
- Install Fail2ban:
sudo apt-get install fail2ban
- Start and enable the service:
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
- Configure Fail2ban by editing /etc/fail2ban/jail.local. Add the following to configure the SSH jail:
[sshd]
enabled = true
port = ssh
logpath = /var/log/auth.log
maxretry = 5
# Time (in seconds) the IP will be banned (e.g., 1 hour)
bantime = 3600
- Restart Fail2ban:
sudo systemctl restart fail2ban
More about ssh config
doc link: https://www.man7.org/linux/man-pages/man5/ssh_config.5.html