LochStudios  /  Help Centre  /  VPS & Linux  /  First steps on a new VPS (update packages, create a sudo user)

First steps on a new VPS (update packages, create a sudo user)

Secure your new VPS by updating packages and creating a dedicated sudo user.

Updated

When you first receive access to your VPS, the next critical step is updating your system packages and creating a non-root user for daily work. These steps harden your server and follow security best practices.

Log In and Update Packages

1. Connect to your VPS via SSH
- Use the username and IP provided by your hosting company (see Connect to your VPS via SSH for detailed instructions)

2. Update your package lists
```bash
sudo apt update
```
On Red Hat/CentOS systems, use sudo dnf update instead.

3. Upgrade installed packages
```bash
sudo apt upgrade -y
```
The -y flag automatically answers "yes" to any prompts. This may take a few minutes and may ask you to restart services—accept the defaults by pressing Enter.

4. Install sudo if missing (rare on modern VPS)
```bash
apt install sudo -y
```

5. Reboot if needed
- If the upgrade message suggests it, reboot:
```bash
sudo reboot
```
- Wait about a minute, then reconnect via SSH

Create a New Sudo User

Using root for daily work is risky—create a dedicated user with sudo privileges instead.

1. Create a new user
```bash
sudo adduser youruser
```
Replace youruser with your preferred username (e.g., ubuntu, admin, or your name).

2. Set a password
- Enter a strong password when prompted (at least 12 characters, mix of letters, numbers, and symbols)
- Confirm the password
- Optionally fill in the "Full Name" and other fields (or press Enter to skip them)

3. Grant sudo privileges
```bash
sudo usermod -aG sudo youruser
```
This adds your new user to the sudo group, enabling passwordless sudo with SSH keys later.

4. Test the new user
- Disconnect from your current session (type exit)
- Log back in with your new user:
```bash
ssh youruser@your-server-ip
```
- Test that sudo works:
```bash
sudo whoami
```
If it returns root, you're all set.

Optional: Disable Root Login

Once you have a working sudo user, it's a good idea to disable direct root login to prevent brute-force attacks.

1. Edit the SSH configuration
```bash
sudo nano /etc/ssh/sshd_config
```

2. Find the line PermitRootLogin yes (or PermitRootLogin without-password)
- Change it to PermitRootLogin no
- Use Ctrl + W to search in nano

3. Save and restart SSH
- Press Ctrl + X, then Y, then Enter
- Restart the SSH service:
```bash
sudo systemctl restart ssh
```

4. Test before disconnecting
- Open a new terminal window (don't close your current one yet)
- Try to log in as your new user to confirm it still works
- Only then close the old root session

What's Next?

Your VPS is now updated and secured with a dedicated user. Recommended next steps:
- Secure SSH with key-based authentication and disable password login to eliminate password-based login
- Set up a UFW firewall on Ubuntu to restrict network access
- Install your application stack (web server, database, etc.)

Troubleshooting

"sudo: command not found"
- Ensure you ran sudo usermod -aG sudo youruser and reconnected via SSH

Can't log in after disabling root
- You may have a syntax error in /etc/ssh/sshd_config
- Use a recovery console provided by your hosting company to fix it, or contact support


Was this article helpful?

← Back to VPS & Linux