tyler/new-server-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
6 commits 1 branch 0 tags 36 KiB
  • Shell 100%
Find a file
Exact
Tyler Davis 1980d3656d
 update
2026-04-27 13:01:21 -05:00
LICENSE Initial commit 2026-04-27 07:16:02 -07:00
new-server-setup-script.sh update 2026-04-27 13:01:21 -05:00
README.md update README.md 2026-04-27 12:56:58 -05:00

README.md

new-server-setup

Bootstrap script for hardening a fresh or existing Debian/Ubuntu server. Safe to re-run.

What it does

  1. Sets the hostname
  2. Creates a new sudo user with a password and SSH public key
  3. Sets a classic user@hostname:~$ shell prompt
  4. Hardens sshd — disables root login and password auth, moves SSH to a random port (102465535)
  5. Installs and enables fail2ban with a sensible SSH jail
  6. Opens the new SSH port in ufw (if present)

After setup, prints ready-to-run commands to push your Ghostty terminfo and test the new login.

Usage

bash <(curl -fsSL https://git.tylerdavis.net/tyler/new-server-setup/raw/branch/main/new-server-setup-script.sh)

The script prompts interactively for username, hostname, password, and SSH public key before making any changes.

Re-running

The script is idempotent. If the SSH port has already been changed from 22, it will be kept as-is. User creation, SSH key, and PS1 steps are all skipped if already applied.

Requirements

  • Debian/Ubuntu-based server
  • Initial root or sudo SSH access