I assume you setup SSH Key With DigitalOcean Droplet.
Login as root
ssh -i KEY_FILE.pem root@SERVER_IP
Create new user
Create new do-user
and assign to sudo
group for admin privileges.
adduser do-userusermod -aG sudo do-user
Copy root's SSH key to do-user
rsync --archive --chown=do-user:do-user ~/.ssh /home/do-user
Edit SSH configuration
sudo nano /etc/ssh/sshd_config
Disable login as root
PermitRootLogin no
Disable SSH password authentication
PasswordAuthentication no
Allow do-user
only.
AllowUsers do-user
Restart SSH service
sudo systemctl reload sshd
NOTE: Don't close the current root user terminal. Test login as do-user
on separate terminal to make sure everything works to make sure you don't accidentally lock yourself out from the server.
Test login for do-user
.
ssh -i KEY_FILE.pem do-user@SERVER_IP
Setup Firewall
Refer Setup Firewall for Ubuntu 18.04.
Update Ubuntu
sudo apt-get update && sudo apt-get upgrade
NOTE: Might need to run sudo apt-get dist-upgrade
as well, refer to install ubuntu update.
NOTE: You could look into automatic updates as well.