Buy a Linode plan
For location, Tokyo is not available now, and I choose Newark based on speed test (rather than Fremont).
Ref: Getting Started with Linode
Deploy an image
- At Linode manager, enter the dashboard of linode plan.
- Select “Deploy an Image”. Choose Ubuntu Long Term Support (LTS) release, e.g. Ubuntu 16.04 LTS.
- Set a password for root user (at least 6 characters long).
- Click “Deploy” button.
- When job finished, click “Boot” to power on.
Connect to the server
The IP address can be find in the “Remote Access” panel. Enter the password to log in.
sudo apt-get update && apt-get upgrade
echo "hostname" > /etc/hostname # Set hostname from file hostname -F /etc/hostname # Verify hostname hostname
Edit hosts file
and add a line:
[IP address] [Fully Qualified Domain Name (FQDN)] hostname
The value you assign as your system’s FQDN should have an “A” record in DNS pointing to your Linode’s IPv4 address.
(Save and close file after editing with nano:
dpkg-reconfigure tzdata # Check time date
Securing Your Server
Ref: Securing Your Server
Add a Limited User Account
Add user to sudo group:
adduser example_user sudo
Switch to example_user:
exit ssh example_user@[IP]
Authentication by SSH key pair
On local machine,
ssh-keygen -b 4096
Press Enter three times to use default filenames and empty passphrase.
id_rsa.pub are generated in
mkdir -p ~/.ssh && sudo chmod -R 700 ~/.ssh/
Upload public key to server:
scp ~/.ssh/id_rsa.pub example_user@[IP]:~/.ssh/authorized_keys
Exit and log into Linode again. No password is needed now.
Adjust SSH settings
# Disable SSH password authentication PasswordAuthentication no # Disable PAM authentication UsePAM no # Disallow root logins over SSH PermitRootLogin no
Apply new ssh configurations:
sudo systemctl restart sshd
Use Fail2Ban for SSH Login Protection
sudo apt-get install fail2ban
Remove Unused Network-Facing Services
To see your Linode’s running network services:
sudo netstat -tulpn
And remove unused services accordingly.
Enable the Firewall
- UFW Essentials: Common Firewall Rules and Commands
Ref: Getting oh-my-zsh to work in Ubuntu
sudo apt-get install zsh sudo apt-get install git-core
Getting zsh to work in ubuntu is weird, since sh does not understand the
source command. So, you do this to install zsh
wget https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh -O - | zsh
and then you change your shell to zsh
chsh -s `which zsh`
and then reboot
sudo shutdown -r 0
Because the default theme does not show hostname, we may want to change a theme (zsh themes).
Cyberduck for File transfer
Use Cyberduck: Transfer Files with Cyberduck on Mac OS X
Ref: Install VNC on Ubuntu 16.04
Install full desktop:
sudo apt-get install ubuntu-desktop gnome-panel gnome-settings-daemon metacity nautilus gnome-terminal
Or, install desktop environments without full packages (no tools like office and browser, small size, however there exists coding problem for Chinese font):
sudo apt-get install --no-install-recommends ubuntu-desktop gnome-panel gnome-settings-daemon metacity nautilus gnome-terminal
During the install process, you will be asked whether or not to change a system file to the new version. Type y then enter to use the updated version.
Install VNC server:
sudo apt-get install vnc4server
Exit and reconnect with command:
ssh -L 5901:127.0.0.1:5901 user@[IP]
start vnc server (for first time, set a password after prompt):
Then connect with VNC viewer.
Ignore the “unencrypted connection” message. And a gray screen showed.
Close VNC server:
vncserver -kill :1
~/.vnc/xstartup file to add a few lines to the end:
gnome-panel & gnome-settings-daemon & metacity & nautilus &
Start VNC server again and connect from client. Desktop should show.
In case that VNC viewer shows connection error: “Too many Security Failures”, restart the server:
vncserver -kill :1 vncserver :1
How To Install Chrome Browser In Linux Or Ubuntu VPS
Perl locale warning
perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = (unset), LC_ALL = (unset), LANG = "en_US.UTF-8" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C").
Solution: comment out line from
AcceptEnv LANG LC_*