Erik Dahlstrand

Writing on web development and server management.

Install Ubuntu Server

This page shows how to install and configure Ubuntu Server. Download the ISO image and follow the instructions to burn a CD or write to USB-stick. Boot from the CD and complete the Installation Guide.

Setup

Network

If you want to assign a static IP address just edit this file.

/etc/network/interfaces 
1
2
3
4
5
6

# The primary network interface
auto eth0
iface eth0 inet static
  address 192.168.0.10
  netmask 255.255.255.0
  gateway 192.168.0.1

DNS settings in /etc/resolv.conf and hostname in /etc/hostname and /etc/hosts.

Type service networking restart to apply the changes.

Create a user

Creating a new user and provide sudo access:

1
2
3
4

adduser myuser
adduser myuser admin          # Add myuser to admin group

adduser --ingroup admin admin # Create and add to group (one-liner)

An alternative way is to run visudo. Go to the end of file and add the following line:

1

sh myuser ALL=(ALL) ALL

Tired of running sudo -s -H to stay in the shell and update home path when sudoing? Add this to sudoers file:

/etc/sudoers 
1
2
3
4

Defaults        shell_noargs
Defaults        set_home
Defaults        always_set_home
Defaults        env_reset

SSH remote access

Install OpenSSH and permit SSH-traffic through firewall.

1
2

aptitude install openssh-server
ufw allow OpenSSH

Generate a SSH key on your local computer (if you not already got one):

1

my@pc:~# ssh-keygen -t rsa

Copy your public key to the server:

1

my@pc:~# scp .ssh/id_rsa.pub myuser@server:local_rsa.pub

On the server we want to add the SSH key to the authorized_keys file. We must also verify the file permissions.

1
2
3
4

cat local_rsa.pub >> .ssh/authorized_keys
rm local_rsa.pub
chmod 700 .ssh
chmod 600 .ssh/authorized_keys

Diable SSH login via password. Change sshd_config to read:

/etc/ssh/sshd_config 
1
2

PermitRootLogin no
PasswordAuthentication no

Configure the Firewall

1
2
3
4
5
6

ufw logging off
ufw default deny
ufw allow 22/tcp  # by port and protocol
ufw allow OpenSSH # ... or by service name
ufw enable
ufw status

Type service ufw force-reload to apply the changes.

Set locale

List installed locales, generate new and set:

1
2
3

cat /var/lib/locales/supported.d/*
locale-gen sv_SE.UTF-8
update-locale LANG=sv_SE.UTF-8

Cron

In order for users to have their cron jobs executed, they must be added to the /etc/cron.allow file. Or if there is no /etc/cron.allow file then the /etc/cron.deny file must exist and the user can’t be in that file.

In the case where neither file exists, only root cron jobs get executed.

Install and configure SNMP

1

aptitude install snmpd

Edit snmpd.conf to contain this single line:

/etc/snmp/snmpd.conf 
1

rocommunity public

Make SNMP listen to all interfaces:

/etc/default/snmpd 
1
2

# SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'

Don’t forget to open the firewall and restart the SNMP service for settings to apply.

1
2
3
4

ufw allow 161/udp
service ufw force-reload

service snmpd restart

Test the SNMP service by query for information (preferably from outside the firewall):

1

snmpwalk -v 1 -c public localhost

Notes

XenServer user?

Create a VM using the Ubuntu Lucid Lynx 10.04 64-bit template. Install from http://archive.ubuntu.net/ubuntu. After installation completes install the XenServer Guest Tools and reboot.

1
2

mount /dev/xvdd /media
/media/Linux/install.sh

Filesystem

Force filesystem check next time you boot:

1

sudo touch /forcefsck

Remove unneeded packages

This is just an example how to list and remove unwanted packages.

1
2

dpkg --get-selections
aptitude purge wireless-tools wpasupplicant pppoeconf ppp pppconfig ntfs-3g reiserfsprogs

Comments