This is a basic checklist setup for your VPS. This checklist based on the excellent guide by DigitalOcean. The checklist is shortened version of the guide by DigitalOcean, but it also includes a few extra steps.
1. Login as Root
Login in to your server as root with your SSH keys. If you haven't added your SSH keys to your DigitalOcean user, see this guide for more information.
2. Create a New User
Create a new user on the server and set a password for the user when prompted.
3. Add Root Privileges To Your User
This command gives the user you created in the previous step root privileges.
usermod -aG sudo your_username
4. Setup a Basic Firewall
You want to have as few ports as possible open. However, you need the ports for SSH connections open. Type the command bellow to open the ports for OpenSSH.
ufw allow OpenSSH
Then enable the firewall with the command:
5. Enable SSH Login for Your New User
Enable SSH login for the user you just created. This is done by copying the
~/.ssh folder from your root folder to your new user. Use the command below to copy to the user and set your user as the folder owner. Remember to change
your_username with your actual username.
rsync --archive --chown=your_username:your_username ~/.ssh /home/your_username
6. Disable Root Login
It should not be possible to login to the root user with SSH. Open the SSH config file:
And find the line which says
PermitRootLogin and change the line from yes to no:
This should be a setup an VPS after it has been created by your hosting provider. This guide is by no means perfect for everyone, but should serve as a starting point for most people.
If you want to support this blog you can do so by signing up to DigitalOcean using this referral link