pantunes/Ubuntu

## Ubuntu
# Update all packages to the latest version
1. sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove -y

# Install DNS Service Discovery for Zeroconf Networking
2. sudo apt install avahi-daemon avahi-discover avahi-utils libnss-mdns mdns-scan

# Set Hostname
3. sudo nano /etc/hostname
   sudo nano /etc/hosts
   sudo hostname <my_machine>

# Mount external Drive
https://www.itenvoy.com/adding-a-new-drive-to-ubuntu-18-04lts
4. sudo fdisk -l
   mkdir -p /mnt/vault
   sudo mount /dev/<sda1> /mnt/vault/
   nano /etc/fstab
   ```/dev/<sda1>     /mnt/vault      ext4        defaults      0       0```

# Secure SSH
https://www.lifewire.com/install-fail2ban-on-ubuntu-server-18-04-4179020
5. sudo apt install fail2ban
   # unblocking ip address
   sudo fail2ban-client set sshd unbanip <192.168.1.100>

# Setup Firewall
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-18-04
https://support.us.ovhcloud.com/hc/en-us/articles/115001669550-How-to-Secure-Your-SSH-Connection-in-Ubuntu-18-04
https://devops.ionos.com/tutorials/secure-the-ssh-server-on-ubuntu
6. sudo ufw default deny incoming
   sudo ufw default allow outgoing
   sudo ufw allow from 192.168.0.0/16 to any port 22
   sudo ufw allow from 172.16.0.0/12 to any port 22
   sudo ufw allow from 10.0.0.0/8 to any port 22
   sudo ufw allow from 169.254.0.0/16 to any port 22
   sudo ufw allow from fc00::/7 to any port 22
   sudo ufw allow from fe80::/10 to any port 22
   sudo ufw allow from ff00::/8 to any port 22
   sudo ufw enable
   sudo ufw status verbose
   sudo service ssh restart

   sudo nano /etc/ssh/sshd_config
   Protocol 2
   PermitRootLogin no
   PasswordAuthentication no

# Disable swap to prevent burning out your SD card
https://linuxize.com/post/how-to-add-swap-space-on-ubuntu-18-04
7. sudo swapon --show # swap on?
	# Update all packages to the latest version
	1. sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove -y

	# Install DNS Service Discovery for Zeroconf Networking
	2. sudo apt install avahi-daemon avahi-discover avahi-utils libnss-mdns mdns-scan

	# Set Hostname
	3. sudo nano /etc/hostname
	sudo nano /etc/hosts
	sudo hostname <my_machine>

	# Mount external Drive
	https://www.itenvoy.com/adding-a-new-drive-to-ubuntu-18-04lts
	4. sudo fdisk -l
	mkdir -p /mnt/vault
	sudo mount /dev/<sda1> /mnt/vault/
	nano /etc/fstab
	```/dev/<sda1> /mnt/vault ext4 defaults 0 0```

	# Secure SSH
	https://www.lifewire.com/install-fail2ban-on-ubuntu-server-18-04-4179020
	5. sudo apt install fail2ban
	# unblocking ip address
	sudo fail2ban-client set sshd unbanip <192.168.1.100>

	# Setup Firewall
	https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-18-04
	https://support.us.ovhcloud.com/hc/en-us/articles/115001669550-How-to-Secure-Your-SSH-Connection-in-Ubuntu-18-04
	https://devops.ionos.com/tutorials/secure-the-ssh-server-on-ubuntu
	6. sudo ufw default deny incoming
	sudo ufw default allow outgoing
	sudo ufw allow from 192.168.0.0/16 to any port 22
	sudo ufw allow from 172.16.0.0/12 to any port 22
	sudo ufw allow from 10.0.0.0/8 to any port 22
	sudo ufw allow from 169.254.0.0/16 to any port 22
	sudo ufw allow from fc00::/7 to any port 22
	sudo ufw allow from fe80::/10 to any port 22
	sudo ufw allow from ff00::/8 to any port 22
	sudo ufw enable
	sudo ufw status verbose
	sudo service ssh restart

	sudo nano /etc/ssh/sshd_config
	Protocol 2
	PermitRootLogin no
	PasswordAuthentication no

	# Disable swap to prevent burning out your SD card
	https://linuxize.com/post/how-to-add-swap-space-on-ubuntu-18-04
	7. sudo swapon --show # swap on?