1. Install debian
   • use any root password
   • create new user with strong password
2. Setup SSH
   • add pubkey ssh-copy-id user@host
   • Login SSH
   • su -
   • nano /etc/ssh/sshd_config
     • Disable Root SSH
       • PermitRootLogin no
     • Allow Pubkey
       • PubkeyAuthentication yes
     • Disable Password SSH
       • PasswordAuthentication no
   • restart sshd
     • systemctl restart sshd
   • Re-login SSH
3. Setup sudo
   • su -
   • apt install sudo
   • add user to sudo group (usermod -aG sudo user)
   • re-login
   • test sudo (sudo -s)
4. Disable su
   • sudo nano /etc/pam.d/su
     • Uncomment (auth required pam_wheel.so)
   • test su (su -)
   • Should be Permission denied
5. Disable root account
6. Post-setup Practice
   • Now you are the solely admin who have privilege access
   1. Keep your private key secure
   2. Do not forget your password