Server
Server setup and administration
Server Initialization
Initial Linux server setup steps:
- Login to server as root:
ssh root@<ip> - Create new admin user:
sudo adduser <user> - Add user to sudo group:
sudo usermod -aG sudo <user> - Disable root login
- Open SSH configuration:
sudo vi /etc/ssh/sshd_config - Set
PermitRootLogintono
- Open SSH configuration:
- Configure Uncomplicated Firewall (UFW)
- Allow SSH connections:
sudo ufw allow OpenSSH - Open port 80 and 443 for Apache:
sudo ufw allow 'Apache Full' - Turn on firewall:
sudo ufw enable - Check:
sudo ufw status verbose
- Allow SSH connections:
- Reboot the server:
sudo reboot - Login as new user:
ssh <user>@<ip> - Check for package updates
apt list --upgradable1, Upgrade packagessudo apt upgrade - Show system info:
uname -a - Even though the kernel was updated, need to reboot to take effect:
sudo reboot - Just to be sure:
sudo apt update && sudo apt upgrade - Shutdown for backup/snapshot
sudo shutdown -h now - After snapshot, navigate to provider website and restart machine
Permissions
Syntax
General: _rwxrwxrwx 1 owner group
_ | rwx | rwx | rwx = Special | Owner | Group | All Users
Shorthand
4|r= Read2|w= Write1|x= Execute
Detailed
0=---1=--x2=-w-3=-wx4=r-5=r-x6=rw-7=rwx
Commands
chgrp = Change group
Example: sudo chgrp -R <group> <folder>
chown = Change ownership
Example: sudo chown -R <user>:<group> <file/folder>
chmod = Change permissions
Example: sudo chmod -R 774 <file/folder>
Make new files inherit the group: sudo chmod g+s <folder>
Example
Create a shared directory for a group.
Create a shared directory for users to access:
/shareAssign users to a common group (staff):
sudo usermod -a -G staff <user>Verify user groups:
groups <user>Create shared directory and assign permissions:
sudo mkdir /share && \ sudo chgrp -R staff /share && \ # assign group sudo chmod -R g+w /share && \ # permissions sudo chmod -R +s /share # inherit permissions for newly created files/folders