Build a non-production Ubuntu server VM
This is the procedure I go through to set up a Ubuntu server VM to try something out. It flies in the face of any best practice of keeping a server secure, and that's by design.
Usually, this will be a VirtualBox VM running on a Linux host (I have a pretty beefy main machine with a 12-core AMD CPU and 32 gigabytes of RAM that can support a few of these running).
Current as of Ubuntu 22.04 LTS “Jammy Jellyfish” for the server VM and VirtualBox 6.1.38 running on Linux as the host environment.
Select a reasonable number of cores, amount of RAM and disk space. (I usually use 2 cores, 4 GB RAM and 32 GB of disk space unless the software I want to use needs more.)
Switch off audio.
Select “bridged networking”.
Note the MAC address of the network interface as you will need that in the next step.
Create an entry in your hosts database and assign a host address, so DHCP will configure it correctly. (If you don't have a hosts database, add it to your DNS and DHCP configuration manually.)
Add to your SSH configuration on your main machine by adding the following section to
(substituting the name of the server for
and the name of your SSH private key file, preferably one with no password set on the corresponding private key, for
Host $server $server.domain User $server StrictHostKeyChecking no CheckHostIP no IdentityFile $ssh_private_key_file
Optional: add to secondary zone (then add to the SSH configuration as well).
Select English as the language and German as the keyboard layout. (In my case, anyway.) I don't configure the disk as an LVM group (I don't see what that would be good for here.)
Use the server name as the user name and password.
Select installation of the OpenSSH server.
Configure SSH access from your main machine (substituting as above,
is the corresponding public key to the private key in the file you used above):
ssh $server sh -c "\"mkdir -p .ssh && echo '$ssh_public_key' > .ssh/authorized_keys && chmod -R go= .ssh\""
Fix the default editor:
sudo update-alternatives --set editor /usr/bin/vim.basic
Should that fail (maybe you are applying this guidance to a desktop install), install the
package and repeat. Edit the sudo file so the middle section looks like this (the changes are: rename group to
, add the
option and switch the sections as shown):
# Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # Members of the adm group may gain root privileges %adm ALL=(ALL) NOPASSWD: ALL
Check the time zone with
. It should be set to “Etc/UTC”. If it isn’t, set it:
sudo timedatectl set-timezone Etc/UTC
Create an executable file
with the following content and run it:
#! /bin/sh sudo apt-get update while ! sudo apt-get full-upgrade -yuf do sleep 10 done sudo apt-get autoremove -y sudo apt-get autoclean if [ -e /var/run/reboot-required ] then sudo shutdown -r now fi
EUI-64 IPv6 generation should be enabled by default; check by doing a
, preferably from another machine.
I also suggest installing the
package. Mosh is an extension to ssh that can perform better under certain circumstances.