dotlinux guide

Your First Linux Server: A Beginner's Administration Guide

Linux servers power much of the internet, from small blogs to enterprise-grade applications, thanks to their stability, security, and open-source flexibility. If you’re new to server administration, this guide will walk you through setting up, configuring, and maintaining your first Linux server. By the end, you’ll掌握 essential skills like navigating the command line, managing users, securing your server, and troubleshooting common issues.

Table of Contents

  1. Prerequisites
  2. Choosing a Linux Distribution
  3. Setting Up Your Server
  4. Basic Linux Commands
  5. User and Permissions Management
  6. Package Management
  7. Network Configuration
  8. Security Best Practices
  9. Monitoring and Maintenance
  10. Troubleshooting Common Issues
  11. Conclusion
  12. References

Prerequisites

Before diving in, you’ll need:

  • A server: Use a Virtual Private Server (VPS) like DigitalOcean, AWS EC2, or Linode (recommended for beginners). Alternatively, use a local machine or Raspberry Pi.
  • SSH client: Built into Linux/macOS (Terminal); Windows users can use PuTTY or the built-in Windows Terminal.
  • Basic command-line familiarity: No prior Linux experience required, but comfort with typing commands helps.

Choosing a Linux Distribution

Linux “distributions” (distros) are pre-packaged OS versions. For beginners, start with:

DistroUse CasePackage ManagerWhy It’s Great
Ubuntu LTSGeneral-purpose, web servers, beginnersAPTLarge community, long-term support (LTS).
DebianStability-focused serversAPTMinimal, secure, and widely used.
Rocky LinuxEnterprise-grade, RHEL-compatibleDNFFree alternative to CentOS.

Recommendation: Start with Ubuntu 22.04 LTS (Long-Term Support) for its user-friendly tools and extensive documentation.

Setting Up Your Server

Step 1: Provision Your Server

Sign up for a VPS (e.g., DigitalOcean Droplet) and select:

  • Distribution: Ubuntu 22.04 LTS
  • Plan: $5–$10/month (1GB RAM, 25GB SSD is enough to start).
  • Region: Closest to your audience for lower latency.

Step 2: Access via SSH

SSH (Secure Shell) lets you control the server remotely.

After provisioning, your VPS provider will email a temporary IP, username (usually root), and password. Connect with:

# Linux/macOS Terminal or Windows Terminal  
ssh root@your_server_ip

You’ll be prompted to change the password on first login.

Passwords are vulnerable to brute-force attacks. Use SSH keys instead:

  1. Generate SSH keys on your local machine:

    # Linux/macOS: Open Terminal  
ssh-keygen -t ed25519 -C "[email protected]"

    Press Enter to save to the default location (~/.ssh/id_ed25519), and skip the passphrase (or set one for extra security).

  2. Copy the public key to your server:

    ssh-copy-id root@your_server_ip

    Enter your server password when prompted.

  3. Log in securely (no password needed now!):

    ssh root@your_server_ip

Step 3: Update Your Server

Always update the system immediately after setup to patch security vulnerabilities:

# For Ubuntu/Debian  
sudo apt update && sudo apt upgrade -y  

# For Rocky Linux/CentOS  
sudo dnf update -y

Basic Linux Commands

The command line is your primary tool for server management. Master these essentials:

  • pwd: Print working directory (where you are). 
    pwd  # Output: /home/your_user
  • ls: List files/folders. 
    ls -la  # -l: detailed view, -a: show hidden files (starts with .)
  • cd: Change directory. 
    cd /var/log  # Move to /var/log  
cd ..        # Go up one directory  
cd ~         # Go to your home directory

File Operations

  • mkdir: Create a folder. 
    mkdir my_projects
  • touch: Create an empty file. 
    touch notes.txt
  • cp: Copy files. 
    cp notes.txt /backup/  # Copy notes.txt to /backup/
  • mv: Move/rename files. 
    mv notes.txt important_notes.txt  # Rename  
mv important_notes.txt ~/  # Move to home directory
  • rm: Delete files (permanent!). 
    rm old_file.txt  
rm -r old_folder/  # -r: delete folders recursively

Viewing Files

  • cat: Print file contents. 
    cat /etc/os-release  # Show OS version
  • less: Scroll through large files (press q to exit). 
    less /var/log/syslog
  • head/tail: Show first/last 10 lines. 
    head -n 5 /etc/passwd  # First 5 lines  
tail -f /var/log/nginx/access.log  # Follow real-time logs (-f)

System Info

  • uname -a: Show kernel version and system details.
  • hostname: Show server name.
  • uptime: Show how long the server has been running.

Process Management

  • ps: List running processes. 
    ps aux  # -a: all users, -u: detailed, -x: include background processes
  • top: Real-time process monitor (press q to exit).
  • kill: Stop a process (use ps to find the PID). 
    kill 1234  # Stop process with PID 1234  
kill -9 1234  # Force-stop unresponsive processes

User and Permissions Management

Never Use root for Daily Tasks!

The root user has unlimited power—one mistake can break your server. Instead, create a non-root user with sudo (admin) privileges.

Create a Sudo User

# Replace "alice" with your username  
sudo adduser alice  

# Add the user to the "sudo" group (grants admin rights)  
sudo usermod -aG sudo alice

Log out of root and log back in as your new user:

ssh alice@your_server_ip

File Permissions

Linux uses a permission system to control access to files/folders. Permissions are shown as rwx (read, write, execute) for three groups: user (owner), group, and others.

  • View permissions with ls -l:

    ls -l notes.txt  
# Output: -rw-r--r-- 1 alice alice 0 Jan 1 12:00 notes.txt  
# Breakdown: - (file), rw- (user), r-- (group), r-- (others)

  • Change permissions with chmod (use numeric notation: r=4, w=2, x=1):

    chmod 600 secret.txt  # User: rw-, Group: ---, Others: --- (only owner can read/write)  
chmod 755 script.sh   # User: rwx, Group: r-x, Others: r-x (executable by all)

  • Change ownership with chown:

    sudo chown alice:alice report.pdf  # Set user "alice" and group "alice" as owners

Package Management

Linux uses package managers to install/update software.

Ubuntu/Debian (APT)

  • Update package lists: 
    sudo apt update
  • Install a package (e.g., nginx web server): 
    sudo apt install nginx -y  # -y: auto-confirm prompts
  • Remove a package: 
    sudo apt remove nginx

Rocky Linux/CentOS (DNF)

  • Update packages: 
    sudo dnf update -y
  • Install a package: 
    sudo dnf install nginx -y

Network Configuration

Check Network Info

  • ip addr: Show IP addresses. 
    ip addr  # Look for "inet" (e.g., 192.168.1.100)
  • ping: Test connectivity to another server. 
    ping google.com  # Press Ctrl+C to stop

Manage Services (e.g., Web Server)

Use systemctl to control background services (e.g., nginx):

sudo systemctl start nginx  # Start the service  
sudo systemctl enable nginx  # Start on boot  
sudo systemctl status nginx  # Check if it’s running

Firewall Setup

A firewall blocks unauthorized network traffic. Use ufw (Uncomplicated Firewall) on Ubuntu:

  • Enable UFW: 
    sudo ufw enable
  • Allow SSH (port 22) and HTTP (port 80): 
    sudo ufw allow 22/tcp  # SSH  
sudo ufw allow 80/tcp  # HTTP (web traffic)
  • Check rules: 
    sudo ufw status

Security Best Practices

1. Disable Password Login (SSH Keys Only)

Edit the SSH config file to block password-based logins:

sudo nano /etc/ssh/sshd_config

Set these values:

PasswordAuthentication no  
ChallengeResponseAuthentication no

Restart SSH:

sudo systemctl restart sshd

2. Keep Software Updated

Run updates regularly to patch vulnerabilities:

# Ubuntu/Debian  
sudo apt update && sudo apt upgrade -y  

# Automate updates with "unattended-upgrades"  
sudo apt install unattended-upgrades -y  
sudo dpkg-reconfigure -plow unattended-upgrades  # Follow prompts to enable

3. Install Fail2ban

Block brute-force SSH attacks with fail2ban:

sudo apt install fail2ban -y  
sudo systemctl enable fail2ban

4. Use a Non-Root User

As emphasized earlier, avoid using root for daily tasks.

Monitoring and Maintenance

Check Resource Usage

  • Disk space: df -h (human-readable format). 
    df -h  # Output: /dev/sda1 25G 5G 20G 20% /
  • Memory usage: free -h. 
    free -h  # Output: Mem: 1.9G  400M  1.5G  2% used

Logs

Servers generate logs for troubleshooting. Common log locations:

  • /var/log/syslog: System logs (Ubuntu).
  • /var/log/nginx/access.log: Web server access logs.
  • Use journalctl to view systemd logs: 
    journalctl -xe  # Show recent logs with errors

Backups

Always back up critical data. Use rsync to copy files to another server or external storage:

rsync -av /home/alice/backup/ user@backup-server:/backups/server1/

Troubleshooting Common Issues

SSH “Connection Refused”

  • Check if SSH is running: sudo systemctl status sshd.
  • Verify firewall allows port 22: sudo ufw status.
  • Ensure your server’s IP is correct.

Package Installation Fails

  • Run sudo apt update (or dnf update) to refresh package lists.
  • Check for broken dependencies: 
    sudo apt --fix-broken install

Disk Full

  • Identify large files with du: 
    sudo du -sh /var/log/*  # Find large log files
  • Delete old logs (e.g., sudo rm /var/log/syslog.1).

Conclusion

You now have the foundational skills to manage a Linux server: setting up SSH access, navigating the command line, managing users/permissions, securing the server, and troubleshooting issues. The key to mastery is practice—experiment with installing software (e.g., a WordPress site), automating tasks with cron, or exploring advanced tools like Docker.

Remember: Linux is open-source, so leverage community resources (forums, docs) when stuck. Your first server is just the beginning!

References