Tools

Tools: πŸ—οΈ Building my home server P1: Part 1: Starting and connecting to the server

2026-03-16 0 views admin
Tools: πŸ—οΈ Building my home server P1: Part 1: Starting and connecting to the server

πŸ—οΈ Building my home server: Part 1

πŸ’Ύ Server OS

🌎 Connect to the Wi-Fi

πŸ’‘ Setup SSH

πŸ§‘πŸ»β€πŸ’» Connect through SSH

πŸ›‘οΈ Hardening security Starting and connecting to the server I recently decided to build my own server for sharing files across my local network. Initially, my goal was simply to create a central hub for my movies, photos, and files. However, as the project evolved, I found myself expanding beyond that original scope. I aimed to create a straightforward, well-organized system, all while prioritizing security best practices. Throughout the process, I gained valuable experience with various tools and systems, including Linux, SSH, SMB, volumes, user management, firewalls, Nginx, backup strategies, and Ansible automation. This series of posts is about my journey of building the server, the discoveries I made along the way, and how I adapted after learning from my mistakes. My intention was also to learn about Linux. I worked with it before a lot especially in containerized environments, however, I was thinking that this would be a perfect opportunity to refresh my knowledge and to get hands-on experience. So, I decided to do it hardcore: I decided to work with Ubuntu Server, which is basically a headless Linux. Having only the CLI to interact with the system forced me to interact with the system entirely through Linux commands, which made me realize how much I had forgotten about basic Linux commands. All in all, it turned out to be a great decision, as I ended up learning a lot. My first challenge was figuring out how to connect my server to the Wi-Fi network, enabling me to manage it via SSH. I used this guide to configure the Wi-Fi connection. First, I needed to identify my system’s network interface. I ran one of the following commands: ls /sys/class/net or ip a. According to the guide linked above, the Wi-Fi interface typically starts with a w. In my case, it was wlo1. After that, I edited the Netplan configuration file with the following command: sudo vi /etc/netplan/50-cloud-init.yaml. Then, I modified the configuration as follows: Finally, I applied my new Netplan configuration by running sudo netplan apply. To verify that my server was successfully connected to the network, I ran: ip a. To set up an SSH tunnel and access my server from my laptop, the first step was to launch an OpenSSH server. I followed this guide to achieve that. At this point, I could have connected to the server using my username and password with the following command: ssh username@server-ip. However, for better security, it’s recommended to use an RSA key instead. So, I generated an RSA key pair by running the following command: ssh-keygen -t rsa -b 4096 -C "some comment, e.g. email" -f ~/.ssh/id_rsa_home_server. After this I copied the public key to the server:ssh-copy-id -i ~/.ssh/id_rsa_home_server.pub username@server_ip To enhance SSH security, I needed to modify the SSH configuration file located at /etc/ssh/sshd_config. While the file already contains the default settings, I made the following adjustments to improve security: I also configured UFW to allow SSH traffic. UFW stands for Uncomplicated Firewall, which is a frontend for managing iptables (the Linux firewall). To apply changes I ran the following commands: Finally, I was able to connect to my server from my laptop by running the command below! πŸŽ‰ You can also read this post on my portfolio page. Templates let you quickly answer FAQs or store snippets for re-use. Hide child comments as well For further actions, you may consider blocking this person and/or reporting abuse

Code Block

Copy

network: version: 2 wifis: wlo1: dhcp4: true access-points: "<ssid>": auth: key-management: "psk" password: <password> network: version: 2 wifis: wlo1: dhcp4: true access-points: "<ssid>": auth: key-management: "psk" password: <password> network: version: 2 wifis: wlo1: dhcp4: true access-points: "<ssid>": auth: key-management: "psk" password: <password> sudo apt update && sudo apt upgrade sudo apt update && sudo apt upgrade sudo apt update && sudo apt upgrade sudo apt install openssh-server sudo apt install openssh-server sudo apt install openssh-server sudo systemctl enable --now ssh sudo systemctl enable --now ssh sudo systemctl enable --now ssh sudo ufw enable && sudo ufw allow <custom SSH port> && sudo ufw status sudo ufw enable && sudo ufw allow <custom SSH port> && sudo ufw status sudo ufw enable && sudo ufw allow <custom SSH port> && sudo ufw status systemctl daemon-reload systemctl restart ssh.socket systemctl daemon-reload systemctl restart ssh.socket systemctl daemon-reload systemctl restart ssh.socket ssh -p <custom port> username@server-ip ssh -p <custom port> username@server-ip ssh -p <custom port> username@server-ip - version: 2: This specifies the version of the configuration format. Version 2 is the most recent and is used for newer Netplan versions (from Ubuntu 17.10 and later). - dhcp4: true: This tells the system to use DHCP (Dynamic Host Configuration Protocol) to automatically obtain an IPv4 address from the router or network. Essentially, the system will request an IP address from the router when it connects to the Wi-Fi network. - key-management: "psk": This specifies the type of authentication to use. "psk" stands for Pre-Shared Key, which is the most common form of Wi-Fi authentication (the password you use to connect to the network). - Update system and the packages: - Install OpenSSH: - Start and enable SSH service: - Port: Changed from the default port 22 to a custom port for enhanced security. - PubkeyAuthentication: Set to yes to enable more secure authentication using SSH keys. - PasswordAuthentication: Set to no to disable password-based authentication, allowing only pubkey authentication. - PermitRootLogin: Set to no to prevent logging in directly as the root user. - PermitEmptyPasswords: Set to no to prevent users from logging in with empty passwords. - MaxAuthTries: Set to 6 to limit the number of unsuccessful authentication attempts within a single session. - MaxSessions: Set to 10 to limit the number of concurrent sessions per user. - AllowUsers and AllowGroups: Specifies the users and groups allowed to access the server. - LoginGraceTime: Set to 30s to allow a 30-second window for successful authentication before disconnecting. - ClientAliveCountMax: Set to 3 to limit the number of missed keep-alive messages before disconnecting the client. - ClientAliveInterval: Set to 300 seconds (5 minutes) to define the inactivity timeout after which the user is disconnected.

🏷️ Tags

toolsutilitiessecurity toolsbuildingserverstartingconnectingconnect

More from Tools

Tools: Gas-Aware Trading: Execute Only When Gas Is Cheap (2026)

Tools: Gas-Aware Trading: Execute Only When Gas Is Cheap (2026)

2026-03-30 0
Tools: Grafana k6 Has a Free API That Load Tests Your APIs With JavaScript - Full Analysis

Tools: Grafana k6 Has a Free API That Load Tests Your APIs With JavaScript - Full Analysis

2026-03-30 0
Tools: Caddy Has a Free API That Gives You Automatic HTTPS With Zero Configuration (2026)

Tools: Caddy Has a Free API That Gives You Automatic HTTPS With Zero Configuration (2026)

2026-03-30 0
Tools: Fly.io Has a Free API That Deploys Docker Apps Globally With Edge Hosting (2026)

Tools: Fly.io Has a Free API That Deploys Docker Apps Globally With Edge Hosting (2026)

2026-03-30 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 β€’ 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 β€’ 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 β€’ 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 β€’ 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 β€’ 81 views