The initial server setup with Ubuntu is the critical first step every serious developer, DevOps engineer, startup founder, agency owner, or business must complete when launching any new Ubuntu server in 2025–2026. Mastering the initial server setup with Ubuntu ensures your server is secure from day one, protected against brute-force attacks, unauthorized access, and common vulnerabilities.
This complete initial server setup with Ubuntu guide walks you through every essential task: secure root login, creating a non-root sudo user, configuring SSH key authentication, enabling the UFW firewall, and verifying everything before logging out of root. Whether you’re deploying on ProgressiveRobot Droplets, Linode, Vultr, AWS EC2, or bare-metal hardware, following this initial server setup with Ubuntu process creates a rock-solid foundation for hosting websites, mobile app backends, APIs, databases, e-commerce platforms, SaaS products, or any production workload.
Skip or rush the initial server setup with Ubuntu and you risk costly breaches or lockouts — do it right once and your Ubuntu server stays secure, stable, and production-ready for years.
ssh root@your_server_ip
- Replace your_server_ip with actual IP
- First time: Accept host key fingerprint (type yes)
- Enter root password (if using password auth) or SSH key passphrase
Step 2 – Creating a New Non-Root Sudo User
Create a regular user (example: zain) with sudo privileges.
adduser zain
Follow prompts:
- Enter strong password
- Fill full name, room number, etc. (optional — press Enter to skip)
Now grant sudo privileges:
usermod -aG sudo zain
Explanation: -aG sudo adds user zain to the sudo group (append, not replace).
Step 3 – Setting Up SSH Key Authentication (Disable Password Login)
SSH keys are much more secure than passwords — no brute-force risk.
On your local computer (not the server):
Generate SSH key pair (if you don’t have one):
ssh-keygen -t ed25519 -C "zain@progressiverobot.com"
- Press Enter for default location (~/.ssh/id_ed25519)
- Enter strong passphrase (recommended)
2. Copy your public key to the server:
ssh-copy-id zain@your_server_ip
Or manually:
cat ~/.ssh/id_ed25519.pub
Copy output → SSH to server as zain → paste into ~/.ssh/authorized_keys
console.log( 'Code is Poetry' );ssh zain@your_server_ip
mkdir -p ~/.ssh
chmod 700 ~/.ssh
nano ~/.ssh/authorized_keys
Paste key → Ctrl+O → Enter → Ctrl+X Set permissions:
chmod 600 ~/.ssh/authorized_keys
3. Disable password authentication (critical security step)
sudo nano /etc/ssh/sshd_config
Find and change:
PasswordAuthentication yes → PasswordAuthentication no
Save → restart SSH:
sudo systemctl restart ssh
Test new SSH login:
ssh zain@your_server_ip
Should log in without password (only key).
Never close your root session until Step 5 verification!
Step 4 – Setting Up UFW Firewall (Block Everything Except SSH)
UFW (Uncomplicated Firewall) is Ubuntu’s easy firewall.
Allow SSH (critical — do this first!)
sudo ufw allow OpenSSH
Or by port:
sudo ufw allow 22/tcp
2. Enable UFW
sudo ufw enable
Type y to proceed.
3. Check status
sudo ufw status
Output example:
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
SSH is open — you won’t lock yourself out.
4. Later – Allow HTTP/HTTPS (when ready)
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw reload
Step 5 – Verify Access Before Exiting Root Session
Critical – do not log out of root until this works!
Open new terminal window (don’t close existing root session)
Test SSH as new user:
ssh zain@your_server_ip
3. Test sudo:
sudo whoami
Should output: root (enter password when prompted)
If both work → safe to log out of root session.
exit # from zain session
exit # from root session (last one)
You’re now secure!
FAQs – Initial Server Setup with Ubuntu
1. Can I skip creating a non-root user?
No. Using root daily is dangerous — one typo can destroy your server.
2. What if I lose SSH key access? ProgressiveRobot/Linode/Vultr → use recovery console or rescue mode to regain access.
3. Should I change SSH port from 22?
Optional extra layer. If yes: edit /etc/ssh/sshd_config → Port 2222 → update UFW → restart sshd.
4. Is UFW enough for security?
Good start. Add Fail2Ban later for brute-force protection.
5. Does this work on Ubuntu 24.10?
Yes — commands are identical across 22.04 / 24.04 / 24.10.
Summary
Congratulations — you’ve now completed the initial server setup with Ubuntu and transformed a fresh server into a secure, production-ready environment. This initial server setup with Ubuntu process is the foundation for every serious project: whether you’re hosting websites, mobile app backends, APIs, databases, e-commerce platforms, SaaS tools, or learning Linux/DevOps.
By finishing the initial server setup with Ubuntu correctly — secure root login, non-root sudo user, SSH key authentication, UFW firewall configuration, and full verification — you’ve eliminated the most common attack vectors and prevented accidental damage from daily root usage. The initial server setup with Ubuntu steps in this guide are battle-tested across Ubuntu 22.04 LTS, 24.04 LTS, and 24.10, and apply equally to ProgressiveRobot Droplets, Linode, Vultr, AWS EC2, Hetzner, or any bare-metal deployment. Never skip the initial server setup with Ubuntu — it’s the difference between a vulnerable server and one you can confidently scale and trust.
With this initial server setup with Ubuntu complete, your server is locked down and ready for the next phase: installing software, deploying apps, or hardening further with tools like Fail2Ban, automatic updates, and monitoring. Progressive Robot specializes in professional initial server setup with Ubuntu for businesses — contact us for expert hardening, migration, or full infrastructure management.
