VPS Quick start

This pages contains a small summary of the default configuration of our systems. Please read this page carefully to get started with a Greenhost VPS-es smoothly.

Contents

Installed applications

Greenhost VPS-es are very minimal installed. It is however easy to add your own required software. We made this choice because we do not want to provide you with bloated systems.

In contrast of many other cloud providers, there is also no Greenhost software installed on the systems. This makes sure there is no outside interference with the configuration or access rights of your system.

As with every provider, there are some specific configurations on our platform. This short guide should help you with the basics of our setup.

The examples in the helpdesk page concentrate on Debian/Ubuntu based systems.

Accessing your system

The primary way of accessing you system will be SSH. Although we do provide a graphical user interface to your system, this is only meant for emergency access. Normally operation is by using a terminal and SSH.

Standard we do NOT provide password access and only allow access with the use of a SSH key. This to improve security. It is assumed you already have a SSH-key or are capable of creating one. As this is very platform specific, this is not part of this manual. There are many great manuals about creating an SSH key pair on the internet.

During creation of the VPS from our service center, the SSH public key of your choice will be installed. After first boot, and if you want to change/remove/add the access keys, this can be done on the system itself by editing the SSH key file, which can be found in ~/.ssh/authorized_keys

Firewall

What firewall software is installed

Linux uses standard iptables to manage the firewall. This command controls the firewall settings. However, after a reboot, those settings are forgot; the settings are not persistent.

To make a persistent configuration, VPS-es are pre-installed with the applications iptables-persistent and netfilter-persistent. This pair of applications makes is possible to read/write the firewall configuration from disk an load it during boot time.

If you are planning to use a different firewall manager, it can be advisable to remove those packages.

For security reasons a default firewall configuration is installed.

What is the standard configuration

Standard the system is configured as follows:

  • Outgoing traffic: All traffic allowed
  • Incoming traffic: The default policy is DROP. Only port 22 (SSH), 80 (HTTP) and 443 (HTTPS) is allowed

If you want to open ports to allow traffic, a simple iptables command can be executed. For example to open port 8080 on TCP, someone can execute:

# iptables -A INPUT -p tcp --dport 8080 -j ACCEPT

Please note, this change is not persistent and will not survive a reboot. After changing the firewall test the desired configuration and if you are satisfied, save the configuration

# iptables-save > /etc/iptables/rules.v4

Kernel

The kernel of you system is loaded outside of the VPS. You can configure the desired kernel in the configuration panel of the VPS. We advice to keep this to the default setting.

Kernel modules are placed in /lib/modules/{kernel_version} during boot. This is a tmpfs always contains the latest kernel modules.

Kernels are standard compatible with docker, wireguard, aufs and other common server applications.

It is possible to migrate to management of the kernel from within the VPS. You can do this by selecting the special kernel pyGrub. You will also need to install grub and other kernel tools in your system.

This is however not advised as it will break some features of our platform (Encrypted VPS, API interface for VPS).