Complete Configuration Guide for Ubuntu 24.04 LTS ARM64 VPS Server¶
Set the Timezone to Warsaw¶
Minimize the Installation¶
Install Git and GitHub CLI¶
Add a New User and Grant Sudo Privileges¶
Replace your_username with your desired username.
Add no password sudo access for the new user¶
echo "your_username ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/your_username
sudo chmod 0440 /etc/sudoers.d/your_username
Set Up SSH Keys for the New User¶
1. Create the .ssh Directory¶
2. Generate an SSH Key Pair¶
3. Add the Public Key to authorized_keys¶
Method 1: Append the Key¶
4. Set Permissions¶
5. Install putty-tools¶
6. Convert the Private Key to PPK Format¶
¶
Chicken and Egg Problem with SSH Keys¶
Now we need to copy the keys to local machine, and we have three options:
Option 1: Use scp (if password authentication is enabled)¶
For Windows (PowerShell):¶
scp your_user@server_address:~/.ssh/my-server-key C:\Users\YourUser\Downloads\
scp your_user@server_address:~/.ssh/my-server-key.pub C:\Users\YourUser\Downloads\
scp your_user@server_address:~/.ssh/my-server-key.ppk C:\Users\YourUser\Downloads\
For Linux/macOS:¶
scp your_user@server_address:~/.ssh/my-server-key ~/Downloads/
scp your_user@server_address:~/.ssh/my-server-key.pub ~/Downloads/
scp your_user@server_address:~/.ssh/my-server-key.ppk ~/Downloads/
Alternative: Use ssh-copy-id¶
If you have password authentication to the server, you can use ssh-copy-id to copy the public key to the server. This will allow you to log in without a password. But you need to generate the keys first on local machine and copy them to the server.
Option 2: Copy via another user (if you only have SSH key authentication)¶
2.1 Copy Keys to the ubuntu User's Home Directory¶
2.2 Change Ownership and Permissions of the Keys¶
sudo chown ubuntu:ubuntu /home/ubuntu/my-server-key
sudo chown ubuntu:ubuntu /home/ubuntu/my-server-key.pub
sudo chmod 600 /home/ubuntu/my-server-key
sudo chmod 644 /home/ubuntu/my-server-key.pub
Option 3: Manual Copy-Paste¶
Just use "cat" command to show private and public keys, copy and save it to your local machine:
BONUS¶
If You want to block root login and password authentication, you can do it with the following command:
sudo sed -i 's/^#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config && sudo sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config && sudo systemctl restart sshd
sudo sed -i 's/^PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config && sudo sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config && sudo systemctl restart sshd
ssh użytkownik@adres_serwera -p port "mkdir -p ~/.ssh && chmod 700 ~/.ssh" && scp -P port ~/.ssh/lokalizacja/klucz.pub użytkownik@adres_serwera:~/.ssh/authorized_keys
GitHub Authentication¶
Set Global Git Configurations¶
Update, Upgrade, and Clean the System¶
sudo apt-get update && sudo apt-get upgrade -y
sudo apt-get dist-upgrade -y
sudo apt-get autoremove -y
Install Comprehensive Tools¶
sudo apt update && sudo apt install mc nano net-tools iputils-ping curl wget git htop tcpdump traceroute vim zip unzip neofetch ncat cifs-utils bash-completion hstr -y
Install CrowdSec for System Protection¶
curl -s https://install.crowdsec.net | sudo sh
sudo apt install crowdsec
sudo apt install crowdsec-firewall-bouncer-iptables
sudo systemctl restart crowdsec