On this tutorial, we’re assuming that you have already got recent put in Ubuntu Ubuntu 20.04 LTS (Focal Fossa) server. We advocate utilizing LTS model of Ubuntu on your servers like Ubuntu 20.04 LTS (Focal Fossa). Now after putting in Ubuntu server 20.04 server, proceed for the post-installation steps in your server. This tutorial consists of steps that are helpful for configuring for a server to use fundamental safety of the server.

Ubuntu 20.04 LTS Initial Server Setup

Observe the under steps.

1. Improve Your System

To begin with, login to the Ubuntu 20.04 system through the system terminal. Now, execute the next instructions to replace apt cache and improve all packages in your system.

sudo apt replace
sudo apt improve

2. Create Person Account

We don’t advocate to make use of root person to work on Ubuntu 20.04. Let’s create an account for system administration and allow sudo entry for that.

sudo adduser sysadmin

Now add the newly created person to the sudo group, In order that it could get all sudo privileges.

ssudo usermod -aG sudo sysadmin

3. Safe SSH Server

We really useful to vary default SSH port, it lets you safe your system from hack makes an attempt. To alter default port edit OpenSSH configuration file /and many others/ssh/sshd_config and do the next modifications.

  • Change Default Port – Will probably be good to vary default ssh port as default ports are at all times on attackers. Port 2222
  • Disable Root SSH Login – Additionally you want to disable root login through ssh. PermitRootLogin no

4. Setup Key-Based mostly SSH

That is strongly really useful to make use of key primarily based ssh login as an alternative of password login. To configure this, create a ssh key pair in your native system.

Linux customers can use the collowing command, and Home windows person use puttygen.exe to generate ssh key pair.


Pattern output:

Producing public/non-public rsa key pair.
Enter file through which to avoid wasting the important thing (/house/sysadmin/.ssh/id_rsa):
Created listing ‘/house/sysadmin/.ssh’.
Enter passphrase (empty for no passphrase):
Enter similar passphrase once more:
Your identification has been saved in /house/sysadmin/.ssh/id_rsa
Your public key has been saved in /house/sysadmin/.ssh/id_rsa.pub
The important thing fingerprint is:
SHA256:Wewuzm5MjMkiTQA4zFKPpGWpOcEE7TGRlFSgYGpsWHE [email protected]
The important thing’s randomart picture is:
+—[RSA 3072]—-+
|@OpercentOE |
|@@O+ . |
|*X.+. o |
|* . . + |
| . o . +S . |
| . o + o. |
| . . o. . |
| oo. |
| o+ |

Now copy the newly created public key .ssh/id_rsa.pub file content material to the servers ~/.ssh/authorized_keys file. You may immediately copy public key to the servers file or use the next command.

ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

Now login to the server with SSH, It won’t immediate for the password once more.

ssh [email protected]

5. Configure Firewall with FirewallD

The Default Ubuntu 20.04 server version, shouldn’t have firewalld put in on it. You may merely run the next command to put in required packages from default repositories.

sudo apt set up firewalld

After set up, begin firewall service and allow it to auto-start on system boot.

systemctl begin firewalld
systemctl allow firewalld

By default firewall allowed SSH entry to distant customers. You might also want to permit different companies by means of the firewall to distant customers.

You may immediately present a service identify like “http” or “https” to permit. The firewalld makes use of /and many others/companies file to find out the corresponding port of the service.

firewall-cmd –permanent –add-service=http
firewall-cmd –permanent –add-service=https

If any of the service identify will not be outlined in /and many others/companies file. You may firewall rule utilizing the port quantity immediately. For instance to permit TCP port 8080 or 10000 (default Webmin) to your firewall.

firewall-cmd –permanent –add-port=8080/tcp
firewall-cmd –permanent –add-port=10000/tcp

After making any modifications to your firewall, be certain to reload modifications utilizing the next command.

firewall-cmd –reload

To view, all of the allowed port and companies use the next command.

firewall-cmd –permanent –list-all


goal: default
icmp-block-inversion: no
companies: cockpit dhcpv6-client http https ssh
ports: 8080/tcp 10000/tcp
masquerade: no
wealthy guidelines:


Your Ubuntu 20.04 LTS (Focal Fossa) system is able to use. Please don’t forgot to share your concepts about preliminary server setup, that can assist others. Hope this tutorial make it easier to ,Thanks.

ubuntu 18.04 initial server setup,ubuntu 20.04 default login,ubuntu server,ubuntu 20.04 default root password,ubuntu 20.04 server setup,ubuntu 20.04 raspberry pi 4,ubuntu 20.04 setup ssh keys,ubuntu new server setup