A script to execute common setup tasks on newly created VPS (Virtual Private Servers).
This script is based on Hetzner Community guides on How to Keep a VPS Server Safe
This script is develop and tested in Debian 12, but probably will work on any Ubuntu as well.
In addition to installing and configuring some tools, this script will create a sysadmin user for subsequent logins and automated tasks.
Therefore, in order to execute you will need to copy an id_rsa.pub public key file in the same directory where this script will be run. The execution
will then take care to append that public key to the /home/sysadmin/.ssh/authorized_keys file so you can login using ssh with the newly
created sysadmin user (assuming you have the private key in your machine).
This script will change the default ssh port from 22 to 1222 so in order to log in again you will need to either parametrize the ssh command or add a
custom configuration to your ~/.ssh/config file.
ssh -p 1222 [email protected]# ~/.ssh/config
Host 1.2.3.4
User sysadmin
IdentityFile ~/.ssh/id_rsa # Or whatever your ssh key is.
Port 1222
Copy to the host both the script and the public key for the sysadmin account that will be created then execute the script.
scp vps-setup.sh [email protected]:/root/
# If you want a different public key for the sysadmin user replace it
scp ~/.ssh/id_rsa.pub [email protected]:/root/
# SSH into the VPS
ssh [email protected]
# Run the script (from the VPS)
./vps-setup.shBefore closing the root session, check that you are able to login with the new sysadmin account:
ssh -p 1222 [email protected]If you are able to login with the sysadmin account, close the root session. You can validate that root login is disabled by executing:
ssh [email protected]
[email protected]: Permission denied (publickey).