Cloudbooklet
Google Cloud Compute Engine

Ubuntu Server Setup on Google Cloud Platform

Disclosure: This post may contain affiliate links, which means we may receive a commission if you click a link and purchase something that we recommended.

By
Ubuntu Server Setup on Google Cloud Platform

Not using Ubuntu 18.04? Choose a different OS:

Ubuntu 18.04 LTS

CentOS 7

Debian 9

Ubuntu Server Setup on Google Cloud Platform. When you first configure your VM Instance in Google Compute Engine, there are few steps to be done as a basic setup.

This guide demonstrates how to manually configure the new Ubuntu 18.04 server in Compute Engine.

Prerequisites

  1. Your Compute Engine Instance running.
  2. For setting up Compute Engine, see the Setting up Compute Engine Instance.

Server Setup

Once your server is up and running, SSH into your VM Instance and perform the following steps.

Once you create a VM Instance in Google Cloud a new user is created automatically by Google, so you need not to create a new user.

Update the server

Start by updating the packages and upgrading them to the latest on your new server.

sudo apt update
sudo apt upgrade

Setup Password

It’s recommended to setup a password for the user you currently logged in. This is because if you have locked out of your SSH or cannot access SSH, you need to use the serial port console to access your instance and recover your SSH.

To access your instance your Serial Port Console you need to enter the username and password to log in. So let’s set up a password for your user with the following command.

sudo passwd

You will be prompted to enter password and confirm your password. Once done you can set up basic firewall.

Basic Firewall setup

Ubuntu can use Uncomplicated Fire Wall (UFW) to allow connections to certain services. You can see all available applications with the following command.

sudo ufw app list
Output
Available applications:
   OpenSSH

We need to make firewall to allow SSH connections so that we can access the instance by SSH.

sudo ufw allow OpenSSH

Now SSH port 22 is allowed for connections in your instance. Now we can enable firewall.

sudo ufw enable

Type y followed by Enter to enable UFW.

You can view the allowed connections with the following command.

sudo ufw status
Output
Status: active
To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)

Now Firewall is enabled and blocks all connections except SSH. So, if you install and configure additional services you need to allow connections to accept traffic.

Set up Fail2Ban

Fail2Ban is a tool which works alongside with Firewall and blocks the offending host for a period of time. It adds the IP Address which shows malicious host to your firewall rules.

sudo apt install fail2ban
sudo service fail2ban start

Done! Once this setup is done you install any applications on your Google Cloud VM Instance.

Related Posts

Write A Comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.