Ubuntu Server

Basics

These are my basic set up to get the environment working the way I want.
NOTE: These servers are never exposed to the Internet directly.

Tested on Ubuntu server 22.04 LTS

When it comes to servers, always run the LTS versions, unless you like doing constant rebuilds.

Install by whatever method you choose, there are plenty of install guides around, during the install make sure to enable sshd, as everything here is done remotely.

Change Password

I do the initial set up with a simple password, mainly because I have no wifi, so during the install there is no Internet available. After the initial install is done, then I move the server to the server closet and connect a wired Ethernet cable to provide Internet connectivity.

passwd shadow
Changing password for shadow
Current password: 
New password: 
Retype new password: 
passwd: password updated successfully

Check and set hostname, Time and date

Since this is a server, chances are that looking at logs etc it will be important to make sure the times are correct.

hostnamectl
timedatectl 
timedatectl list-timezones | grep Australia
sudo timedatectl set-timezone Australia/*************
timedatectl 
               Local time: Fri 2023-11-17 14:46:55 AEST
           Universal time: Fri 2023-11-17 04:46:55 UTC
                 RTC time: Fri 2023-11-17 04:46:55
                Time zone: Australia/***************
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

SSH Keys

Below is a list of commands to use a different ssh key for each server. Alternatively you could just use one ssh key for all servers.
IMPORTANT Give each key a unique name, or every time you generate a new key the old one will get overwritten.

ssh-keygen -t ed25519 -C "Dell-Laptop"          // Generate key
Enter file in which to save the key (/home/shadow/.ssh/id_ed25519): /home/shadow/.ssh/galadriel        // Give unique name to key
Enter passphrase (empty for no passphrase):

ssh-copy-id -i ~/.ssh/galadriel.pub galadriel               // Copy key to server

Sudo

I don’t like having to type long complicated passwords all the time, so I make the following changes.
Always use visudo to edit file. Add the following line to the end of the file. Change user_name for your actual user name.

sudo visudo
user_name ALL=(ALL) NOPASSWD:ALL  # NO passwd