Initial VPS Setup on Debian
A fresh VPS comes with a root account and not much else. Before installing anything, the server needs a baseline: current packages, a non-root user, key-only SSH, and automatic security updates.
1. Update the system and enable unattended upgrades
apt -y update
apt -y upgrade
apt -y full-upgrade
DEBIAN_FRONTEND=noninteractive apt-get --yes --force-yes upgrade
DEBIAN_FRONTEND=noninteractive apt-get --yes --force-yes dist-upgrade
apt -y install unattended-upgrades
systemctl enable unattended-upgrades
systemctl start unattended-upgradesThis brings everything up to date and ensures security patches are applied automatically going forward.
2. Create a non-root user
Running as root is convenient but risky. A dedicated user with sudo access is safer.
Set a username (replace yourname with your actual name):
USERNAME=yournameVerify it took:
echo $USERNAMECreate the account with passwordless sudo:
adduser --disabled-password --gecos "" $USERNAME
usermod -aG sudo $USERNAME
cat >> /etc/sudoers <<<"$USERNAME ALL=(ALL) NOPASSWD: ALL"3. Copy the SSH key to the new user
The SSH public key currently lives in root’s home directory. Copy it to the new account:
mkdir /home/$USERNAME/.ssh
cp /root/.ssh/* /home/$USERNAME/.ssh
chmod 700 /home/$USERNAME/.ssh
chmod 600 /home/$USERNAME/.ssh/*
chmod 640 /home/$USERNAME/.ssh/authorized_keys
chown -R $USERNAME:$USERNAME /home/$USERNAME/.ssh4. Harden SSH access
Disable password authentication entirely and prevent root login over SSH. After this, the only way in is with the correct private key:
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
cat >> /etc/ssh/sshd_config <<<'ChallengeResponseAuthentication no'
passwd -l root
usermod -p '*' $USERNAME
usermod -p '*' root5. Reboot and verify
reboot nowThe SSH connection drops. After a minute or so, reconnect with the new user:
ssh yourname@your-server-addressIf you land on a prompt with your username, the server is ready for everything that comes next.