Skip to content

How to secure your Dedicated Valheim Server (Ubuntu) and maximize your Administrative experience with the Advance Menu System

Jump to bottom
Zerobandwidth edited this page Mar 11, 2021 · 5 revisions

Root should never be allowed to SSH into your server. So let's take some simple steps in preventing this and adding a layer of security to your Valheim Server.

  1. Login to you Ubuntu Box as Root(this will be last time you do this).
Use putty or a terminal that you like
  1. Create a new sudo(adminstrator) account
adduser WhateverNameYouWant
  1. Make the new user a sudoer
usermod -aG sudo WhateverNameYouMade
  1. Switch to your new user and make sure everything works
su - WhateverNameYouMade
enter your password
  1. See if your new account is a sudoer
sudo whoami
You should see something like this
WhateverNameYouMade@ubuntu-s-2vcpu-4gb-lon1-01:~$ sudo whoami
[sudo] password for WhateverNameYouMade:
root

  1. Done with that.

  2. Now let's prevent root from SSH, so you cant be hacked from the evil interwebs

sudo nano /etc/ssh/sshd_config

change

#LoginGraceTime 2m
PermitRootLogin Yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

to

#LoginGraceTime 2m
PermitRootLogin No
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

Save

CTRL+o (press enter) CTRL+x to exit
  1. Restart SSH Service
sudo service ssh restart

Now bots attempting to guess your root password via SSH, will be banned after a few failed attempts. If you still need to switch to root later, you can but your new account can do everything root does because it will act as root. If you forget your new account password, you will need to recover it through your cloud server provider(normally they have a root recovery password)

  1. From here on out, please SSH into your Ubuntu Server with your new account.

If you want to harden your Ubuntu Server even more, feel free to follow this awesome guide here:

https://www.informaticar.net/security-hardening-ubuntu-20-04/

Install CockPit https://cockpit-project.org/

sudo apt install cockpit -y

Enable ports 9090 TCP

Open Firewall rules all allow for 9090 TCP
Follow same steps you did for Valheim ports 2456,2457,2458

Start Cockpit Service

sudo systemctl start cockpit

Check the Cockpit Service

sudo systemctl status cockpit

Install Fail2Ban

sudo apt install fail2ban

If you want more Documentations: https://linuxize.com/post/install-configure-fail2ban-on-ubuntu-20-04/

Add Windows Section Add Linux Section

Clone this wiki locally