03. Secure the Pi a Little

We're going to create a new user, give that user sudo privileges, and then disable the root user so people are less likely to play hackerman with us.

  1. Add a new user: sudo adduser <new-username>

    After entering a password you can just hit Enter to skip all the other questions and then save the new user.

  2. Grant admin privileges to your new user: sudo usermod -aG sudo <new-username>

  3. Log out of this ubuntu user and log in with your new username: logout

  4. Delete the old ubuntu user: sudo userdel -r ubuntu

  5. Make sure it was deleted by logging out and trying to log in with ubuntu

All good? Now let's do something about that pesky root user...

  1. Let's change/remove the shell from the root account: sudo usermod -s /usr/sbin/nologin root

  2. Disable root from logging in: sudo usermod -L root

    This will basically reset the password for root, and they will not be able to log in until we assign them a new password.

While we're doing all this housecleaning, let's set up a firewall...

Firewall

We're going to use ufw as a firewall to block all incoming connections.

  1. Install Uncomplicated Firewall (ufw): sudo apt-get install ufw

  2. Check that it installed correctly: sudo ufw status

    You should see "Status: inactive"

  3. Disable all incoming connections: sudo ufw default deny incoming

  4. Enable ufw: sudo ufw enable

Note: If you are applying new rules to ufw while it is active you will have to reload (sudo ufw reload) the firewall for the changes to take effect.
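
To confirm that the steps on this page actually took effect, the script below audits the account files and the firewall status. It is an added example, not part of the original guide; the function names, the admin name "alice" and the sample data are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: audit the state the account and ufw steps should leave behind.
fail() { echo "FAIL: $*"; fails=$((fails + 1)); }

# audit_accounts PASSWD SHADOW GROUP ADMIN (reading /etc/shadow needs root).
# Prints one FAIL line per problem; returns 0 only when every check passes.
audit_accounts() {
    fails=0
    # The default "ubuntu" account must be gone.
    if grep -q '^ubuntu:' "$1"; then fail "user ubuntu still exists"; fi
    # The new admin must be listed in the sudo group (4th field, comma-separated).
    members=$(awk -F: '$1 == "sudo" { print $4 }' "$3")
    case ",$members," in *",$4,"*) ;; *) fail "$4 is not in the sudo group" ;; esac
    # root's login shell (7th passwd field) should be nologin.
    root_shell=$(awk -F: '$1 == "root" { print $7 }' "$1")
    case "$root_shell" in */nologin) ;; *) fail "root shell is ${root_shell:-unset}" ;; esac
    # usermod -L prefixes the shadow hash with "!"; "*" also means no usable password.
    root_hash=$(awk -F: '$1 == "root" { print $2 }' "$2")
    case "$root_hash" in '!'*|'*'*) ;; *) fail "root password is not locked" ;; esac
    [ "$fails" -eq 0 ]
}

# audit_ufw "$(sudo ufw status verbose)"
audit_ufw() {
    fails=0
    printf '%s\n' "$1" | grep -q '^Status: active' || fail "ufw is not active"
    printf '%s\n' "$1" | grep -q '^Default: deny (incoming)' ||
        fail "default incoming policy is not deny"
    [ "$fails" -eq 0 ]
}

# Constructed sample data (not from a real system): a Pi after all steps, admin "alice".
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'root:x:0:0:root:/root:/usr/sbin/nologin' \
        'alice:x:1001:1001::/home/alice:/bin/bash' > "$d/passwd"
    printf '%s\n' 'root:!$6$constructed:19000:0:99999:7:::' > "$d/shadow"
    printf '%s\n' 'sudo:x:27:alice' > "$d/group"
    audit_accounts "$d/passwd" "$d/shadow" "$d/group" alice &&
        audit_ufw 'Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)' &&
        echo "all checks passed"
    rc=$?; rm -rf "$d"; return "$rc"
}
demo
```

On the Pi itself, run it as root with /etc/passwd, /etc/shadow, /etc/group and your new username as the arguments to audit_accounts.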
