After you setup your server on Linode, the default SSH Access to Linode is using password authentication using
ssh [email protected]_IP
NOTE: Digital Ocean has an option to SSH Key-pair
Create a new user (will use this user in the future instead of
Add user to
sudo group for admin privileges.
adduser ln-user sudo
Most documentation will recommend using
ssh-keygen -b 4096 to create the key-pair at
I have multiple servers, and I prefer to use different key-pair for each server. I usually create my key-pair in a specific local directory and backup these files.
Run the following command on your local machine (not server).
NOTE: Technically if you local machine is Windows, you can run it on the Ubuntu server and download the files to your local machine.
ssh-keygen -b 4096 -f KEY_FILE_NAME
Install public key with ssh-copy-id
Install the public key to server.
NOTE: Run this on your local machine.
ssh-copy-id -i KEY_FILE_NAME [email protected]_IP
Install public key manually
If you don't have access to
ssh-copy-id, you can manually install the key. Copy the content of the public key
NOTE: content should be something like
SSH to the server and create
ssh [email protected]_IPmkdir ~/.sshchmod 0700 ~/.ssh
Paste the content of public key to
Restrict the permission.
chmod 0600 ~/.ssh/authorized_keys
/etc/ssh/sshd_config (on the server).
sudo nano /etc/ssh/sshd_config
Disable root login over SSH
Disable SSH password authentication
Reload SSH service.
sudo systemctl reload sshd
NOTE: Careful about misconfiguration and permanently unable to SSH into the server.
ssh -i KEY_FILE_NAME [email protected]_IP
sudo ufw enable
List of application which have a ufw profile (e.g. OpenSSH, Nginx Full, etc.), usually installed application which require listening on certain port.
sudo ufw app list
Enable SSH access.
sudo ufw allow OpenSSH
sudo ufw status
sudo apt-get update && sudo apt-get upgrade
NOTE: Might need to run
sudo apt-get dist-upgrade as well, refer to install ubuntu update.
NOTE: You could look into automatic updates as well.