Al Idian

Setting Up a Home Server

2021.03.07

Background

Recently, I purchased a NUC barebones kit, which I customized with some memory and storage. Assembling the adorable, little computer was easy and quite fun — and so was selecting and installing a Linux distro. It is strange to think this is actually the first desktop computer I have personally owned.

I wanted to use the computer as a moderately-powerful Linux development machine, and while I am experienced at working with Linux through remote connections and containers, I have never used Linux on my primary machine before.

Aside from serving as my primary computer, I wanted the NUC to function as a remote development machine — something I can ssh into from my MacBook when I am away from home. In this blog post, I wanted to write about how I was able to successfully set up the NUC as a home server for development and general computing.

Requirements

Here is what I wanted to achieve:

  1. Have the ability to work on the NUC remotely through ssh, and
  2. Do the above while on a residential internet connection with a dynamic IP address.

Creating the SSH server

The first step is simple to achieve. On my machine using Pop!_OS, I ran:

sudo apt install openssh-server

Since Pop!_OS is based on Ubuntu/Debian, the same command will work for Ubuntu, Debian, and other distros in the same family.

Even before any configuration, installing openssh-server is enough to support incoming ssh connections within the local network. So at this point, I am able to connect locally to my NUC from my MacBook through the NUC’s local IP address.

Working around a dynamic IP address

The second step is a lot more involved than the first. There are a couple distinct challenges here:

  1. Since my residential internet connection has a dynamic IP address, I can’t rely on my home’s public IP address to remain consistent over any period of time. I would like a solution that automatically handles this whenever it happens.
  2. When I try to initiate an ssh connection from an outside device to my home network, my router needs to know to relay the information to my NUC.

To solve the first challenge and after a bit of research, I did the following:

Then to deal with the second challenge, I did the following:

By using a free third-party service and making configuration changes to my home router, I was able to guarantee a reliable way to connect to my home server through ssh from an outside device.

Additional security

Since I have opened up my home network to incoming traffic from the public Internet, it is crucial that I think about what security features I can put up to minimize my attack surface. Here is what I have done so far:

sudo ufw allow ssh
sudo ufw enable