Making the jump from shared hosting to a Virtual Private Server (VPS) is a relatively easy move. However, learning how to set up a VPS can be a bit trickier, especially if you’ve never used the command line before.
In this article, we’re going to walk you through how to set up a VPS in five steps:
- Learning how to log into your VPS via Secure Shell (SSH) access.
- Updating your server.
- Creating a new user and modifying its privileges.
- Enabling public key authentication.
- Setting up a firewall for your VPS.
Before we get into the technical details, though, we’re going to explain why you’ll need to configure your new virtual server. Let’s talk about how to set up a VPS!
Why You Should Configure Your New VPS
Usually, when you sign up for a basic hosting plan, your provider will set up all the software you’ll need to use it. With shared hosting, for example, you’ll probably get access to a control panel for your account right away:
These hosting control panels provide you with all the options you need to configure your account. However, in most cases, you won’t get the chance to tweak your server’s actual settings, because other people are also using the same machine.
With a VPS, on the other hand, you get a server environment all to yourself. In most cases, your host will only go so far as to set up basic server software – such as Apache or Nginx – and the rest is up to you. That means you’ll probably need to go through a few extra steps to get your server ‘ready’, such as:
- Deciding when should you start using VPS.
- Learning how to connect to it and issue commands.
- Figuring out how to install new software and perform updates.
- Configuring new user accounts (if needed).
- Setting up a firewall.
When we talk about issuing commands to your server, we’re referring to something like this:
Usually, you’ll interact with your VPS using the command line instead of a Graphical User Interface (GUI). That can be intimidating at first, but you’ll quickly get used to it if you don’t mind Googling around for the right commands and following some simple tutorials.
You can also set up hosting control panels that will enable you to interact with your server using a GUI. However, we’re not going to cover that in this article, since using the command line is often the more efficient route. Plus, learning how to use simple commands will teach you a lot about server management, which will almost certainly come in handy as your site grows.
5 Steps to Configure Your New VPS and Get It Ready to Use
As you may know, the vast majority of web servers run on Unix-based systems. That means you’ll need to use commands tailored to that type of Operating System (OS), which are not the same as those you’d use on a Windows machine. If you want to learn more about Windows server management, check out this guide for more details.
With that out of the way, let’s talk about how to set up a VPS!
Step 1: Learn How to Log into Your VPS via Secure Shell (SSH) Access
There are several ways you can connect to a website, beyond using a browser. For example, you can use File Transfer Protocol (FTP), which enables you to upload, download, and edit files on your server:
While FTP can be very useful, the protocol doesn’t enable you to issue commands to your server. For that, you’ll need to use Secure Shell (SSH) access, which is a different type of protocol that provides you with access to remote servers.
Once you connect to a server via SSH, you’ll be able to issue commands to it. SSH is also renown for its strong encryption and authentication protocols, which make it highly secure. By learning how to use SSH, you’ll be taking your first steps into server management.
Once you sign up for a VPS plan, your web host should provide you with a set of credentials, including:
- Your server’s IP address
- A username (usually root)
- A password for your root account
In case you’re not familiar with the term, a root (or superuser) account is a user with full privileges and access on a specific system. You can think of it as the equivalent of an administrator, but with even more power.
When you set up a VPS, you’ll start off with a single root account, which is the one you’ll use to make the initial connection. If you’re using a Unix-based OS on your end, you can connect to your server directly from the command line.
However, if you’re using Windows, you’ll first need to install an SSH client. We’re partial to two clients in particular, the first of which is called Bitvise:
If you’re looking for a simple interface that resembles the classic Windows style, you can’t go wrong with Bitvise. However, you’ll be doing most of your work within the command line, so the style doesn’t matter much.
We’re also big fans of PuTTY, which features a far more minimal interface. However, it offers a lot of additional configuration options, making it preferable if you really want to dip your toes into server management.
For the rest of this tutorial, we’re going to be using PuTTY in our examples. With that in mind, go ahead and install the program, and then execute it. You’ll see a window like this one:
At this stage, you need to enter your server’s IP address into the Host Name (or IP address) field, and leave the Port setting to the default value of 22:
Aside from SSH connections, port 22 is also used for secure logins and Secure File Transfer Protocol (SFTP).
You may notice that there’s an option to select which connection type you want to use below the IP field. Choose SSH, and then you can go ahead and hit the Open button.
A command line window will open now, and you’ll see a prompt to enter your login information. In this case, that will be root and its corresponding password:
If the data entered is correct, you’ll see a brief summary of your server’s details, and a prompt to enter more commands:
That’s it for the first step of how to set up a VPS. Don’t close the command line window yet, however, since we still have work to do.
Step 2: Update Your Server
Once you log into your VPS, you’ll see a message that tells you if there are any ‘packages’ or security updates available:
Packages are essentially software in Unix-speak. When it comes to any system, it’s always important to keep its components up to date, and servers are no exception.
If you’re using outdated software, you open up your server (and website) to security vulnerabilities. Plus, you might be missing out on new features or improved performance. That’s why the first thing you’ll want to do is update your server’s packages, and download any pending security patches.
To get started, type in the apt update command and hit Enter. Now, your server will double-check what packages need upgrading. Once it’s done, enter apt dist-upgrade, which will update your server’s packages:
This process might take a while, depending on how many updates your server needs to install. So sit back, grab some coffee, and wait for it to be done.
Once all your packages are up to date, you should go ahead and restart your server using the reboot command. Then, close the command line window. Wait a minute or two, and log back in using PuTTY (or your client of choice).
If everything went according to plan, there shouldn’t be any more available updates listed. That means we can move on to the next step of learning how to set up a VPS.
Step 3: Create a New User and Modify Its Privileges
When you set up a VPS, you start off with a root user, which is the account you’ve been using so far. However, it’s usually a good idea to set up another user account with superuser privileges.
The reason for this is that the root account can cause some severe damage if you’re not sure what you’re doing. A root account has full access to all of your system’s settings, so one wrong command can create serious problems.
A regular user account with superuser privileges, on the other hand, needs to add the sudo prefix to any command it wishes to run using administrative privileges. This may seem like a small change, but it makes a huge difference. With this approach, you’ll need to think twice before running any command using the sudo prefix, which can help you avoid mishaps.
Go ahead and set up that new user now by entering the following command. You’ll want to replace the second part with whatever username you’d like to use:
Then, type in this line to add that user to the sudo group, which will give it superuser privileges (again, replacing the placeholder with your new username):
# usermod -aG sudo yournewusername
Now, all that’s left is to set up a password for this account. However, there’s a method that’s far more secure than using a normal password, which is what we’ll look at next.
Step 4: Enable Public Key Authentication
Public key authentication is a technique that’s arguably more secure than regular passwords. With this approach, you generate a set of both ‘public’ and ‘private’ keys.
Your server will store your public key and use it to authenticate the private one, which only you will have access to as a file on your computer. Once you set up public key authentication, you’ll need both the private key and a passphrase to log in, which increases security significantly.
To generate SSH keys in Windows, you can use the PuTTYgen app, which will have been installed when you set up the client earlier (for details about how to do this on Linux/Unix systems, check out this guide). Look among your programs for it and run the PuTTYgen app now, which should look like this:
It’s fine to use the default settings for your key pair, so go ahead and click on the Generate button now. To make your key more unique, the program will ask you to move your mouse around to randomize it, which is pretty cool:
Next, the program will show you the public key it generated for you. Before you do anything else, go ahead and set up an accompanying passphrase for it, which will act as a password alongside the key:
Now, go ahead and hit the Save private key button, and save the resulting file to your computer. You’ll also need to copy your public key in a moment, so don’t close this window just yet.
Then, log back into your server using the original root user, and move to your new account’s home directory using # su – yournewusername. The command line will now reflect your new user:
After that, you’ll need to run a series of commands in order, which will create a new folder for your public key, restrict that folder’s permissions, and save your key:
mkdir ~/.ssh chmod 700 ~/.ssh nano ~/.ssh/authorized_keys
That last command will open up the Nano editor, enabling you to modify the new authorized_keys file on your server. Go ahead and copy your public key now from the PuTTYgen window, and paste it in here.
Once the key is ready, hit CTRL + X to close the editor, and enter Y when it asks you to confirm the changes to the file. Then, type in the following two commands:
chmod 600 ~/.ssh/authorized_keys exit
Those will change the permissions for the file you just edited, and then return you to the root user.
Next, you’ll need to configure PuTTY to use your private key when you connect to your server so that it can recognize you. To do this, return to the app’s main screen and go to the Connection › SSH › Auth section. Inside, you’ll find a field called Private key file for authentication:
Click on the Browse button, and then locate the private key file you stored on your computer. Select it, and you’re good to go.
Finally, you need to tell your server to disable the default password-only authentication method for the new user you just set up. To do that, log into your server as the new user via SSH, and run this command:
sudo nano /etc/ssh/sshd_config
This will open the sshd_config file using the Nano editor. Look for the line that reads PasswordAuthentication inside that file, and delete the # sign before it. Then change its value from Yes to No, so it reads like this:
Save the changes to the file, and reboot your server. The next time you attempt to log in, you’ll only be able to do so using your private key and passphrase.
Step 5: Set Up a Firewall for Your VPS
We’ve covered a lot of ground so far about how to set up a VPS. However, there’s still one final step to perform if you want to keep your server secure. That is to enable a firewall for it.
You can do this using the iptables program, which enables you to set up rules that restrict traffic to and from your server. This process is a bit involved, though, so we recommend that you check out our full guide on how to set up iptables and configure the program properly.
This step may seem like overkill at first. With Iptables, however, you’ll be able to restrict which ports enable traffic to access your server. This will stop a lot of attacks in their tracks. Plus, it’s a one-time setup process, so it pays to do it right away.
Learning how to set up a VPS after upgrading from shared hosting is like leaving the kiddie pool to dive into an Olympic-sized one. You have a lot more room and features to play with, but you’ll need to find your footing before you can start having fun. Now that you know how to configure your VPS, you’ve become acquainted with the command line, which will make it a lot easier to set everything up to your liking.
Do you have any questions about how to set up a VPS? Let’s talk about them in the comments section below!