Last active
March 15, 2020 13:48
-
-
Save pantunes/06982d56634ee5edb0374ebcd099f2f0 to your computer and use it in GitHub Desktop.
Ubuntu steps after fresh install
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Update all packages to the latest version | |
1. sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove -y | |
# Install DNS Service Discovery for Zeroconf Networking | |
2. sudo apt install avahi-daemon avahi-discover avahi-utils libnss-mdns mdns-scan | |
# Set Hostname | |
3. sudo nano /etc/hostname | |
sudo nano /etc/hosts | |
sudo hostname <my_machine> | |
# Mount external Drive | |
https://www.itenvoy.com/adding-a-new-drive-to-ubuntu-18-04lts | |
4. sudo fdisk -l | |
mkdir -p /mnt/vault | |
sudo mount /dev/<sda1> /mnt/vault/ | |
nano /etc/fstab | |
```/dev/<sda1> /mnt/vault ext4 defaults 0 0``` | |
# Secure SSH | |
https://www.lifewire.com/install-fail2ban-on-ubuntu-server-18-04-4179020 | |
5. sudo apt install fail2ban | |
# unblocking ip address | |
sudo fail2ban-client set sshd unbanip <192.168.1.100> | |
# Setup Firewall | |
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-18-04 | |
https://support.us.ovhcloud.com/hc/en-us/articles/115001669550-How-to-Secure-Your-SSH-Connection-in-Ubuntu-18-04 | |
https://devops.ionos.com/tutorials/secure-the-ssh-server-on-ubuntu | |
6. sudo ufw default deny incoming | |
sudo ufw default allow outgoing | |
sudo ufw allow from 192.168.0.0/16 to any port 22 | |
sudo ufw allow from 172.16.0.0/12 to any port 22 | |
sudo ufw allow from 10.0.0.0/8 to any port 22 | |
sudo ufw allow from 169.254.0.0/16 to any port 22 | |
sudo ufw allow from fc00::/7 to any port 22 | |
sudo ufw allow from fe80::/10 to any port 22 | |
sudo ufw allow from ff00::/8 to any port 22 | |
sudo ufw enable | |
sudo ufw status verbose | |
sudo service ssh restart | |
sudo nano /etc/ssh/sshd_config | |
Protocol 2 | |
PermitRootLogin no | |
PasswordAuthentication no | |
# Disable swap to prevent burning out your SD card | |
https://linuxize.com/post/how-to-add-swap-space-on-ubuntu-18-04 | |
7. sudo swapon --show # swap on? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment