In this guide, the author provides steps to harden a new virtual machine from a cloud provider. They emphasize the importance of taking the security of these hosts seriously, even if one is not a sysadmin. The author assumes that the reader is familiar with navigating directories and editing files in a Linux shell. They also highlight the presence of bots that scan the internet for vulnerable systems and provide tips on how to protect against them. The guide covers updating software, creating a user account, disabling root logins, configuring SSH keys, setting up WireGuard for VPN access, and implementing a firewall using ufw. The author recommends automating the process of initializing a host and offers suggestions for starting with automation.
https://pboyd.io/posts/securing-a-linux-vm/