Initial login with ssh root@domain.tld
Get OS info
cat /etc/os-release
Update and upgrade
apt update && apt upgrade
Install software
apt install -y \
zsh wget curl git zip htop mc mcedit neofetch ncdu tmux apt-transport-https \
ca-certificates software-properties-common gnupg gnupg-agent lsb-release uidmap
Install simple firewall, if needed (optional)
apt install -y ufw
ufw allow OpenSSH && ufw allow 22 && ufw allow 80 && ufw allow 443 && ufw enable && ufw status verbose
systemctl enable ufw && systemctl start ufw
Tweak system
journalctl --vacuum-size=100M
sudo swapoff -a
Set hostname
hostname "domain.tld"
hostnamectl set-hostname "domain.tld"
hostnamectl set-hostname "domain.tld" --pretty
nano /etc/hosts
Add user <user>
adduser <user>
usermod -a -G sudo,users,adm,systemd-journal,<user> <user>
mkdir -p /home/<user>/.ssh
Add public key for new user
We can get this run on local machine tail ~/.ssh/id_rsa.pub
echo "ssh-rsa <HASH> name@email.tld" > /home/<user>/.ssh/authorized_keys
Add new user super user access without password
nano /etc/sudoers
and add line <user> ALL=(ALL:ALL) NOPASSWD:ALL
right after %sudo ALL=(ALL:ALL) ALL
Install docker (optional)
wget -nv -O - https://get.docker.com/ | sh
usermod -a -G docker <user>
Reboot
reboot
Login after reboot with ssh <user>@domain.tld
Config user
chsh -s $(which zsh)
sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
git config --global user.email "name@email.tld" && git config --global user.name "Name Surname"
Add aliases for user with nano ~/.zshrc
alias g="git"
alias h='history'
alias j='jobs -l'
alias c='clear'
alias ll="ls -lahF"
alias l.='ls -d .*'
alias ..='cd ..'
alias ...='cd ../../'
alias ....='cd ../../../'
alias .....='cd ../../../../'
alias .1='cd ../'
alias .2='cd ../../'
alias .3='cd ../../../'
alias .4='cd ../../../../'
alias .5='cd ../../../../../'
alias now='date +"%T"'
alias nowtime=now
alias nowdate='date +"%d-%m-%Y"'
alias ports='netstat -tulan'
alias tx="tmux attach || tmux new"
alias tm="tmux attach || tmux new"
alias ii="open"
alias df="df -h"
alias disk=df
alias big-files="sudo du -h -t 250M /"
alias home="cd \$HOME"
alias reload=". ~/.zshrc"
alias upgrade="sudo apt update && sudo apt upgrade"
alias osinfo="cat /etc/os-release"
alias reboot="sudo reboot"
alias docker="sudo docker"
alias su="sudo -s"
and . ~/.zshrc
after that
Disable password login
sudo nano /etc/ssh/sshd_config
and set (uncomment and replace) next parameters
PermitRootLogin no
PasswordAuthentication no
UsePAM no
Save and close the file and call after that
sudo systemctl reload ssh
Update and upgrade
sudo apt update && sudo apt upgrade
sudo reboot