A shell script to configure your Ubuntu Linux server

Here is an example shell script that you can use to quickly and safely configure your newly installed Ubuntu Linux server:


# Update the package manager
sudo apt-get update

# Upgrade all installed packages
sudo apt-get upgrade -y

# Install necessary packages
sudo apt-get install -y git htop unzip fail2ban

# Create a new user and add it to the sudo group
sudo adduser newuser
sudo usermod -aG sudo newuser

# Set the server's hostname
sudo hostnamectl set-hostname myserver

# Configure the firewall
sudo ufw allow 22
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable

# Configure SSH for the new user
sudo sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
sudo service ssh restart

# Enable automatic security updates
sudo apt-get install -y unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgrades

# Configure Fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo systemctl start fail2ban
sudo systemctl enable fail2ban

# Print a message when the script is finished
echo "Server configuration complete!"

This script does the following:

  • Updating the package manager
  • Upgrading all installed packages
  • Installing necessary packages like git, htop and unzip, fail2ban
  • Create a new user and add it to the sudo group
  • Set the server’s hostname
  • Configure the firewall
  • Configure SSH for the new user
  • Enable automatic security updates
  • Configure Fail2ban

Please note that this script is just an example and may not include all the necessary configuration steps for your specific server. It’s always a good idea to double-check the security settings and adjust them accordingly. Also, it is important to understand the commands and their function before using them in your server.

Fail2ban is a security tool that monitors log files for repeated failed login attempts and blocks the IP addresses that are making these attempts. This script installs and configures fail2ban and sets it to start at boot. The package will monitor the ssh log file by default, and you can configure it to monitor other logs as well.

Published by


Systems Engineer

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.