Setup Ubuntu Server

After my server on DigitalOcean was attacked few times, I thought I should write an article about it. Do hope it is useful to you.

Step One — Root Login

 $ ssh root@your_server_ip

Step Two — Create a New User

 # adduser van

Step Three — Root Privileges

Set root privileges to new user.

 # usermod -aG sudo van

Step Four — Add Public Key Authentication (Recommended)

Generate a Key Pair

You need to generate a key pair on your local machine before putting it on the server.

 $ ssh-keygen
ssh-keygen output
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/localuser/.ssh/id_rsa):

You will be asked a few questions. It is recommended to leave the password field blank.

Copy the Public Key manually

On your local machine, type the command below will show your public key inside terminal.

 $ cat ~/.ssh/id_rsa.pub

Now copy it to the clipboard.

id_rsa.pub contents
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBGTO0tsVejssuaYR5R3Y/i73SppJAhme1dH7W2c47d4gOqB4izP0+fRLfvbz/tnXFz4iOP/H6eCV05hqUhF+KYRxt9Y8tVMrpDZR2l75o6+xSbUOMu6xN+uVF0T9XzKcxmzTmnV7Na5up3QM3DoSRYX/EP3utr2+zAqpJIfKPLdA74w7g56oYWI9blpnpzxkEd3edVJOivUkpZ4JoenWManvIaSdMTJXMy3MtlQhva+j9CgguyVbUkdzK9KKEuah+pFZvaugtebsU+bllPTB0nlXGIJk98Ie9ZtxuY3nCKneB+KjKiXrAvXUPCI9mWkYS/1rggpFmu3HbXBnWSUdf localuser@machine.local

Next, connect to your server as root user. Then switch to your sudo user.

 # su - van

Create .ssh folder.

 $ mkdir ~/.ssh
 $ chmod 700 ~/.ssh

Create authorized_keys file.

 $ nano ~/.ssh/authorized_keys

When the authorized_keys file opened. Let’s paste your public key here. Then press Ctrl-o to save the file and Ctrl-x to close it.

It’s better to restrict access privileges of this file.

 $ chmod 600 ~/.ssh/authorized_keys

Exit sudo user.

 $ exit

Step Five — Disable Password Authentication (Recommended)

Let’s open sshd_config file.

 $ sudo nano /etc/ssh/sshd_config

To disable password authentication, you need to set no to PasswordAuthentication directive.

PasswordAuthentication no

Then to make sure, you should check these default settings are correct.

PubkeyAuthentication yes
AuthorizedKeyFile  .ssh/authorized_keys
ChallengeResponseAuthentication no

Apply update sshd_config.

 $ sudo systemctl reload sshd

Step Six — Test Log In

It’s time to check if everything is working nicely. Let’s connect to your server with the new sudo user.

 $ ssh van@your_server_ip
 $ sudo command_to_run

Step Seven — Set Up a Basic Firewall

 $ sudo ufw enable
 $ sudo ufw allow OpenSSH
 $ sudo ufw status
Output
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)

Step Eight — Disable Root Login (Recommended)

To prevent server attack, it’s recommended to disable root login.

 $ sudo nano /etc/ssh/sshd_config

To disable root login, you just need to set no to PermitRootLogin directive.

PermitRootLogin no

What Next

These steps are the foundation of server setup. Now you can install any softwares on your new server.

To keep your server more secure, you could have a look at fail2ban solution or changing your ssh port. At the moment, I have just changed my ssh port. It works for now.

Happy coding!

References
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-14-04
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04

Install Atom Text Editor on Ubuntu 16.04

How to install Atom in Ubuntu via PPA:

Webupd8 Team is maintaining an unofficial PPA with most recent Atom packages for all current Ubuntu releases, and derivatives. While official Linux binary is 64-bit only, the PPA supports both 32-bit and 64-bit.

1. Add PPA

Open terminal (Ctrl+Alt+T) and run the command:

$ sudo add-apt-repository ppa:webupd8team/atom

2. Update and install Atom editor:

Update system package index and install the text editor via command:

$ sudo apt update; sudo apt install atom

Once Atom is installed and a new release is out in future, you can simply upgrade the editor by running regular system updates via Software Updater utility.

3. (Optional) To remove Atom text editor

To remove the software, use Synaptic Package Manager or just run apt command with remove flag:

$ sudo apt remove --purge atom

And the PPA can be remove via Software & Updates utility under Other Software tab.

References: tipsonubuntu.com

How to Uninstall Android Studio 2.2 on Ubuntu 16.04

  1. Delete the android-studio folder;
  2. Delete the sdk folder if it is in not inside the android-studio directory;
  3. Delete ~/.AndroidStudio2.2/, which contains config and system;
  4. Delete ~/.android;
  5. Delete ~/.local/share/applications/jetbrains-studio.desktop, if you created a shortcut using Configure->Create Desktop Entry.

Note:

The android-studio folder is normally in /usr/local/ for your user profile, or /opt/ for shared users.

The sdk folder is normally at ~/Android.

References: askubuntu.com

How To Install Sublime Text 3 (Build 3103) On Ubuntu 16.04

In order to successfully install Sublime Text 3 on Ubuntu 16.04 Xenial Xerus, you have to add the PPA to your system, update the local repository index and install the sublime-text-installer:

$ sudo add-apt-repository ppa:webupd8team/sublime-text-3
$ sudo apt-get update
$ sudo apt-get install sublime-text-installer

And to remove sublime text:

$ sudo apt-get remove sublime-text-installer

Ubuntu Useful Tips

1.  Create alias
Adding alias line at the end of the file: ~/.bashrc

alias [alias_name]='[something_you_want]'

Ex:

alias elasticsearch='~/Downloads/elasticsearch/bin/elasticsearch'

2. Tmux control terminator’s sessions
https://gist.github.com/MohamedAlaa/2961058

3. Terminator cheat sheet
http://www.knuckleheadtech.com/terminator-cheat-sheet/

4.  Check memory (RAM)

$ free -m

# To monitor memory usage with updates every five seconds.

$ watch -n 5 free

5.  Check disk size

$ df -h

6.  Remove an none-empty directory

$ rm -rf mydirectory

7.  Remove sudo prompts password for current user

$ echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo env EDITOR="tee -a" visudo

8.  Disable ipv6
+ Add these lines to /etc/sysctl.conf


#disable ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

+ Apply sysctl.conf

$ sudo sysctl -p

9.  To create symlink /opt/foo –> /usr/bin/bar, (i.e., create symlink at /opt/foo which references to file /usr/bin/bar) do (See man ln):

$ ln -s /usr/bin/bar /opt/foo

10.  To order to add additional keys to pre-existing droplets, you can paste in the keys using SSH:

$ cat ~/.ssh/id_rsa.pub | ssh root@[your.ip.address.here] "cat >> ~/.ssh/authorized_keys"

11.  To copy the files from the src location to des loacation:

$ sudo rsync -avP src_dir_path/ des_dir_path/

12.  To switch user postgres

$ sudo -i -u postgres

13.  To unfold a gzip file

$ tar xzvf latest.tar.gz

14.  To install a .deb file in the usual Ubuntu way with dpkg.

$ sudo dpkg -i your_file_here.deb

This results in your-package being installed in /usr/share/your-package/

With its configuration files placed in /etc/your-package

And its init script added in /etc/init.d/your-package.

15. Check processes of a specific port example 9001

$ sudo lsof -i :9001

16. Kill applications

$ kill pid_number

Example: kill application that has PID 1234.

$ kill 1234

$ kill -9 pid_number

Example: kill application that has PID 1234 but more extreme and forceful.

$ kill -9 1234

$ killall application_name

Example: kill application or application instance that has name firefox.

$ killall firefox

17. Copy a file from remote server

scp username@source:/location/to/file /where/to/put

General syntax of scp :

scp username@source:/location/to/file username@destination:/where/to/put

See more: man scp .