recipes/infra/scripts/setup_machine.sh

export MY_USER="my_user"

# Create non-root user
adduser $MY_USER
usermod -aG sudo $MY_USER

# Set up firewall
ufw allow OpenSSH
ufw enable

# Disable ssh password login
# sudo nano /etc/ssh/sshd_config
# PermitRootLogin no
# PasswordAuthentication no
# ChallengeResponseAuthentication no
# UsePAM no
# sudo systemctl restart ssh

# Enable ssh login
rsync --archive --chown=$MY_USER:$MY_USER ~/.ssh /home/$MY_USER

# Fail2ban for SSH
apt install fail2ban
Add server setup basics 2024-03-13 09:09:02 +00:00			`export MY_USER="my_user"`

			`# Create non-root user`
			`adduser $MY_USER`
			`usermod -aG sudo $MY_USER`

			`# Set up firewall`
			`ufw allow OpenSSH`
			`ufw enable`

			`# Disable ssh password login`
			`# sudo nano /etc/ssh/sshd_config`
			`# PermitRootLogin no`
			`# PasswordAuthentication no`
			`# ChallengeResponseAuthentication no`
			`# UsePAM no`
			`# sudo systemctl restart ssh`

			`# Enable ssh login`
			`rsync --archive --chown=$MY_USER:$MY_USER ~/.ssh /home/$MY_USER`

			`# Fail2ban for SSH`
			`apt install fail2ban`