// Line 510 is a seasoned validator, actively supporting with cutting-edge hardware infrastructure //
// Line 510 is a seasoned validator, actively supporting with cutting-edge hardware infrastructure //
Share Dialog
Share Dialog
Subscribe to Line 510
Subscribe to Line 510
<100 subscribers
<100 subscribers
# generate ssh keys, if you don't have them already, DO IT ON YOUR LOCAL MACHINE
ssh-keygen -t rsa
# save the output, we'll use it later on instead of YOUR_PUBLIC_SSH_KEY
cat ~/.ssh/id_rsa.pub
# upgrade system packages
sudo apt update
sudo apt upgrade -y
# add new admin user
sudo adduser admin --disabled-password -q
# upload public ssh key, replace YOUR_PUBLIC_SSH_KEY with the key above
mkdir /home/admin/.ssh
echo "YOUR_PUBLIC_SSH_KEY" >> /home/admin/.ssh/authorized_keys
sudo chown admin: /home/admin/.ssh
sudo chown admin: /home/admin/.ssh/authorized_keys
echo "admin ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
# disable root login, disable password authentication, use ssh keys only
sudo sed -i 's|^PermitRootLogin .*|PermitRootLogin no|' /etc/ssh/sshd_config
sudo sed -i 's|^ChallengeResponseAuthentication .*|ChallengeResponseAuthentication no|' /etc/ssh/sshd_config
sudo sed -i 's|^#PasswordAuthentication .*|PasswordAuthentication no|' /etc/ssh/sshd_config
sudo sed -i 's|^#PermitEmptyPasswords .*|PermitEmptyPasswords no|' /etc/ssh/sshd_config
sudo sed -i 's|^#PubkeyAuthentication .*|PubkeyAuthentication yes|' /etc/ssh/sshd_config
sudo systemctl restart sshd
# install fail2ban
sudo apt install -y fail2ban
# install and configure firewall
sudo apt install -y ufw
sudo ufw default allow outgoing
sudo ufw default deny incoming
sudo ufw allow ssh
sudo ufw allow 9100
sudo ufw allow 26656
# make sure you expose ALL necessary ports, only after that enable firewall
sudo ufw enable
# make terminal colorful
sudo su - admin
source <(curl -s https://raw.githubusercontent.com/line-510/cosmos-scripts/master/utils/enable_colorful_bash.sh)
# update servername, if needed, replace YOUR_SERVERNAME with wanted server name
sudo hostnamectl set-hostname YOUR_SERVERNAME
# now you can logout (exit) and login again using ssh admin@YOUR_SERVER_IP
# generate ssh keys, if you don't have them already, DO IT ON YOUR LOCAL MACHINE
ssh-keygen -t rsa
# save the output, we'll use it later on instead of YOUR_PUBLIC_SSH_KEY
cat ~/.ssh/id_rsa.pub
# upgrade system packages
sudo apt update
sudo apt upgrade -y
# add new admin user
sudo adduser admin --disabled-password -q
# upload public ssh key, replace YOUR_PUBLIC_SSH_KEY with the key above
mkdir /home/admin/.ssh
echo "YOUR_PUBLIC_SSH_KEY" >> /home/admin/.ssh/authorized_keys
sudo chown admin: /home/admin/.ssh
sudo chown admin: /home/admin/.ssh/authorized_keys
echo "admin ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
# disable root login, disable password authentication, use ssh keys only
sudo sed -i 's|^PermitRootLogin .*|PermitRootLogin no|' /etc/ssh/sshd_config
sudo sed -i 's|^ChallengeResponseAuthentication .*|ChallengeResponseAuthentication no|' /etc/ssh/sshd_config
sudo sed -i 's|^#PasswordAuthentication .*|PasswordAuthentication no|' /etc/ssh/sshd_config
sudo sed -i 's|^#PermitEmptyPasswords .*|PermitEmptyPasswords no|' /etc/ssh/sshd_config
sudo sed -i 's|^#PubkeyAuthentication .*|PubkeyAuthentication yes|' /etc/ssh/sshd_config
sudo systemctl restart sshd
# install fail2ban
sudo apt install -y fail2ban
# install and configure firewall
sudo apt install -y ufw
sudo ufw default allow outgoing
sudo ufw default deny incoming
sudo ufw allow ssh
sudo ufw allow 9100
sudo ufw allow 26656
# make sure you expose ALL necessary ports, only after that enable firewall
sudo ufw enable
# make terminal colorful
sudo su - admin
source <(curl -s https://raw.githubusercontent.com/line-510/cosmos-scripts/master/utils/enable_colorful_bash.sh)
# update servername, if needed, replace YOUR_SERVERNAME with wanted server name
sudo hostnamectl set-hostname YOUR_SERVERNAME
# now you can logout (exit) and login again using ssh admin@YOUR_SERVER_IP
No activity yet