Follow the below steps.

1. Upgrade Your System

First of all, log in to the Ubuntu 20.04 system via the system terminal. Now, execute the following commands to update apt cache and upgrade all packages on your system.

2. Create User Account

We never recommend using root user to work on Ubuntu 20.04. Let’s create an account for system administration and enable sudo access for that. Now add the newly created user to the sudo group, So that it can get all sudo privileges.

3. Secure SSH Server

We recommended changing the default SSH port, it helps you to secure your system from hack attempts. To change default port edit OpenSSH configuration file /etc/ssh/sshd_config and do the following changes.

Change Default Port – It will be good to change default ssh port as default ports are always on attackers. Port 2222 Disable Root SSH Login – Also you would like to disable root login via ssh. PermitRootLogin no

4. Setup Key-Based SSH

This is strongly recommended to use key-based ssh login instead of password login. To configure this, create an ssh key pair on your local system. Linux users can use the following command, and Windows users use puttygen.exe to generate ssh key pair. Sample output: Now copy the newly created public key .ssh/id_rsa.pub file content to the servers ~/.ssh/authorized_keys file. You can directly copy public key to the servers file or use the following command. Now login to the server with SSH, It will not prompt for the password again.

5. Configure Firewall with FirewallD

The Default Ubuntu 20.04 server edition, does not have firewalld installed on it. You can simply run the following command to install required packages from default repositories. After installation, start firewall service and enable it to auto-start on system boot. By default firewall allowed SSH access to remote users. You may also need to allow other services through the firewall to remote users. You can directly provide a service name like “http” or “https” to allow. The firewalld uses /etc/services file to determine the corresponding port of the service. If any of the service name is not defined in /etc/services file. You can firewall rule using the port number directly. For example to allow TCP port 8080 or 10000 (default Webmin) to your firewall. After making any changes to your firewall, make sure to reload changes using the following command. To view, all the allowed ports and services use the following command. Output:

Conclusion

Your Ubuntu 20.04 LTS (Focal Fossa) system is ready to use. Please do not forget to share your ideas about the initial server setup, that will help others.