Inhaltsverzeichnis
Contabo server setup
Just after setup of Ubuntu 20.04 VPS server at Contabo there are several things to do, mainly to set up a proper and save user account as well as the ssh daemon.
Preparation
For the first two steps you need to login as root via ssh. All subsequent steps should be done as you new sudo user that you create in step two. However, suggestion is to open two terminals/sessions as root user to the server and only work in one of the terminals for the first three steps (IPv6, SUDO and SSHD setup) and have the other one available if something does not work. After the third step is verified, you can close the second terminal/session.
Enable IP v6
This is a specific thing with contabo: Per default, IPv6 is NOT enabled, and should be done manually. Luckily, there is a command available to do it, but this is just made available via an alias definition in the root's '.bashrc':
alias enable_ipv6='sed -i "/net.ipv6.conf.all.disable_ipv6.*/d" /etc/sysctl.conf && sysctl -q -p && echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6 && sed -i "s/#//" /etc/netplan/01-netcfg.yaml && netplan generate && netplan apply'
So to perform this step, login as root and call
enable_ipv6
Done.
Set up SUDO
Login into server as root, add a user (jrathert
in this example), add user to sudo
group
adduser jrathert adduser jrathert sudo
Log out and in with ssh as the new user and try if sudo
works (e.g., by updating the apt database)
sudo apt update
If everything worked, disable the root account (by deleting and locking it, see man passwd
).
Attention: You can not login as root or su
to root after this step. So please make sure that your new sudo user setup and ssh really work!
sudo passwd -dl root
Set up SSH
Make sure ssh daemon listens on different port and does not allow root login:
- Set
Port 3141
- Set
PermitRootLogin no
# or comment out a line withyes
sudo nano /etc/ssh/sshd_config # do changes above sudo systemctl restart sshd
Now use different terminal to check if login works with new port
ssh -p 3141 jrathert@<server>
If everything works, you can and should close all other (root) terminals / sessions to the server now
Update Ubuntu
As a last step to make sure everything is up-to-date.
sudo apt update && sudo apt upgrade
Using the server
Of course there are many other relevant servers / daemons to be configured appropriately. The descriptions are, however, not Contabo specific, documentation can be found in the server section.
- Apache httpd server, incl. SSL via letsencrypt
- PHP as part of Apache
- MariaDB as database
- Exim as local mail daemon