WEBVTT 1 00:00:00.080 --> 00:00:02.720 Have you ever looked at the whole world of servers, 2 00:00:02.919 --> 00:00:06.599 IT infrastructure and just thought, wow, that's a completely different language, 3 00:00:06.799 --> 00:00:08.400 you know, intimidating expensive. 4 00:00:08.960 --> 00:00:11.279 Yeah, like it's only for big companies with huge IT 5 00:00:11.359 --> 00:00:13.480 teams and budgets exactly. 6 00:00:14.119 --> 00:00:16.359 But what if I told you that running your own server, 7 00:00:16.800 --> 00:00:20.199 getting that incredible control and capability for your digital stuff 8 00:00:20.719 --> 00:00:24.000 is actually well pretty accessible now if you have the 9 00:00:24.039 --> 00:00:26.839 right knowledge. That is so today we're doing a deep 10 00:00:26.879 --> 00:00:32.039 dive into virtual private servers VPS for short. And this 11 00:00:32.079 --> 00:00:33.119 isn't just about tech. 12 00:00:32.960 --> 00:00:34.039 Talk, No, not at all. 13 00:00:34.119 --> 00:00:37.560 It's really about unlocking a level of digital independence for 14 00:00:37.640 --> 00:00:40.960 your own projects, maybe your startup or even a small business. 15 00:00:41.280 --> 00:00:44.640 Our mission here really is to demystify the vps. We're 16 00:00:44.640 --> 00:00:48.159 going to unpack the idea, walk you through picking a provider, 17 00:00:48.240 --> 00:00:50.159 the setup essential, and then what you can actually do 18 00:00:50.200 --> 00:00:52.719 with it right, explore the possibilities. We want to pull 19 00:00:52.719 --> 00:00:55.439 out the key bits of knowledge so you feel genuinely informed, 20 00:00:55.479 --> 00:00:58.280 but you know, not totally overwhelmed by jargon. 21 00:00:58.679 --> 00:01:01.840 And guiding us is joh On west Fall's fantastic book, 22 00:01:02.079 --> 00:01:05.400 Set Up and Manage your Virtual Private Server, making system 23 00:01:05.439 --> 00:01:07.480 administration accessible to professionals. 24 00:01:07.760 --> 00:01:08.719 It's our core source. 25 00:01:08.959 --> 00:01:12.519 It's a great one, really practical, translates the techiek stuff 26 00:01:12.519 --> 00:01:15.519 into normal person speak, exactly what we need. 27 00:01:15.640 --> 00:01:17.400 Okay, so let's set the scene. There was a time, 28 00:01:17.560 --> 00:01:20.640 not that long ago really, when having your own server 29 00:01:20.840 --> 00:01:25.159 was just incredibly expensive, dedicated machines, special. 30 00:01:24.799 --> 00:01:26.640 Facilities, thousands a month easily. 31 00:01:26.799 --> 00:01:30.680 So what changed? What made this level of control available 32 00:01:30.719 --> 00:01:32.079 to welp us? 33 00:01:32.400 --> 00:01:36.519 The big game changer was virtualization. It's this clever way 34 00:01:36.560 --> 00:01:41.079 to host multiple totally separate servers on one single, powerful 35 00:01:41.120 --> 00:01:42.079 physical machine. 36 00:01:42.400 --> 00:01:42.719 Wow. 37 00:01:42.799 --> 00:01:45.400 So what used to need massive cash and it staff 38 00:01:45.519 --> 00:01:48.640 now just needs well your knowledge. It's a powerful idea 39 00:01:48.680 --> 00:01:51.359 and it's what makes server ownership so much cheaper today. 40 00:01:51.439 --> 00:01:55.120 Okay, So if virtualization is the magic, what exactly is 41 00:01:55.159 --> 00:01:57.719 the server the thing we're actually using and how does 42 00:01:57.760 --> 00:01:59.680 this virtual part work in practice? 43 00:01:59.760 --> 00:01:59.879 Well? 44 00:02:00.120 --> 00:02:00.920 Think about the Internet. 45 00:02:00.959 --> 00:02:04.359 Fundamentally, it's millions of computers talking. 46 00:02:04.519 --> 00:02:06.760 Right. You've got clients, your phone. 47 00:02:06.560 --> 00:02:10.759 Your laptop, asking for stuff, right, and then servers, which 48 00:02:10.759 --> 00:02:13.800 are the computers designed to give that stuff, provide that 49 00:02:13.879 --> 00:02:17.080 information or service. Every time you open a web page, 50 00:02:17.120 --> 00:02:19.879 your device is a client talking to a server. Makes 51 00:02:19.879 --> 00:02:24.280 sense now, the virtual bit. Imagine a big shopping mall, 52 00:02:24.639 --> 00:02:28.560 that whole building that's like one giant, powerful physical server. Okay, 53 00:02:28.719 --> 00:02:31.319 Inside that mall, you have loads of different stores, right, 54 00:02:31.520 --> 00:02:34.439 Each one is separate, unique, does its own thing, but 55 00:02:34.479 --> 00:02:37.960 they all share the mall structure, the power, the air conditioning. 56 00:02:38.599 --> 00:02:40.319 A physical server is like the mall. 57 00:02:40.680 --> 00:02:44.039 It hosts many virtual servers, the stores, each getting a 58 00:02:44.039 --> 00:02:47.080 slice of the resources, totally isolated from the others, but 59 00:02:47.240 --> 00:02:48.840 sharing the underlying hardware. 60 00:02:48.919 --> 00:02:51.520 That mall analogy really helped. Okay, So let's connect that 61 00:02:51.560 --> 00:02:54.240 to something we do every day, like opening a web page, 62 00:02:54.280 --> 00:02:57.639 saybipyer dot com. How does that virtual magic happen? 63 00:02:57.680 --> 00:02:57.840 Then? 64 00:02:58.039 --> 00:03:00.879 Right, So, behind the scenes, your computer first needs the 65 00:03:00.919 --> 00:03:05.680 server's address. It asks a Domain Name service a DNS 66 00:03:05.719 --> 00:03:08.719 server for the numerical IP address for beetpirate dot com. 67 00:03:08.960 --> 00:03:10.439 Think of it like a global phone book. 68 00:03:10.520 --> 00:03:10.800 Okay. 69 00:03:11.039 --> 00:03:13.159 Once it has that number, it knocks on the door 70 00:03:13.159 --> 00:03:16.479 of the web server using a specific port number, usually 71 00:03:16.759 --> 00:03:19.759 Port eighty for regular web pages or four hundred and 72 00:03:19.759 --> 00:03:21.000 forty three for secure ones. 73 00:03:21.080 --> 00:03:22.680 The HPTPS ones. 74 00:03:22.560 --> 00:03:24.240 The little padlock exactly. 75 00:03:24.840 --> 00:03:28.400 Now, Sometimes things go wrong here, maybe the domain doesn't exist, 76 00:03:28.599 --> 00:03:31.919 or the DNS records are messed up or rarely your 77 00:03:31.919 --> 00:03:35.520 ISP might even sort of poison the result and send 78 00:03:35.599 --> 00:03:36.280 you somewhere else. 79 00:03:36.319 --> 00:03:36.719 Oh wow. 80 00:03:36.719 --> 00:03:38.840 But assuming it works, the web server answers on that 81 00:03:38.919 --> 00:03:40.919 port and sends the web page data back to you. 82 00:03:41.000 --> 00:03:42.039 That's the basic flow. 83 00:03:42.639 --> 00:03:45.719 So with all this power and control, the big question 84 00:03:45.759 --> 00:03:47.479 for a lot of folks is going to be cost. 85 00:03:48.400 --> 00:03:50.719 Is it really that much cheaper now to run your 86 00:03:50.719 --> 00:03:51.439 own vps? 87 00:03:51.520 --> 00:03:54.199 It absolutely is, and the difference is pretty striking. Shared 88 00:03:54.240 --> 00:03:56.759 hosting where you're crammed in with tons of other sites 89 00:03:56.800 --> 00:03:59.479 averages what maybe four dollars and sixty three someone, yeah, 90 00:03:59.520 --> 00:04:03.000 something like that, a basic VPS more like seventeen dollars 91 00:04:03.000 --> 00:04:04.199 and forty nine cents a month. 92 00:04:04.719 --> 00:04:06.360 But a dedicated. 93 00:04:05.759 --> 00:04:08.319 Physical server you're looking at over one hundred bucks maybe 94 00:04:08.319 --> 00:04:10.319 one hundred and seven dollars and twenty five a month. 95 00:04:10.479 --> 00:04:12.319 Huge difference, and it gets even cheaper. 96 00:04:12.719 --> 00:04:13.439 Aws. 97 00:04:13.520 --> 00:04:16.800 Amazon's cloud service has EC two instances free for the 98 00:04:16.800 --> 00:04:20.800 first year, then it's billed hourly, super flexible hourly. 99 00:04:20.959 --> 00:04:21.240 Wow. 100 00:04:21.399 --> 00:04:23.360 And if you really hunt around on sites like low 101 00:04:23.360 --> 00:04:26.920 inbox dot com, you can find bargain basement VPS deals, 102 00:04:26.920 --> 00:04:29.040 sometimes as low as two dollars and fifty cents a month, 103 00:04:29.160 --> 00:04:31.079 or even ten twenty dollars a year during sales. 104 00:04:31.120 --> 00:04:33.160 Okay, two dollars and fifty cents a month. That sounds 105 00:04:33.160 --> 00:04:35.879 almost suspicious. What's the catch? 106 00:04:35.920 --> 00:04:37.439 There has to be a trade off, right, there is, 107 00:04:37.480 --> 00:04:41.399 and it's simple responsibility. You are the tech support. Your 108 00:04:41.439 --> 00:04:43.920 provider might reset your server if things go really bad, 109 00:04:44.000 --> 00:04:46.600 reimage it, basically wipe it clean. But all your data, 110 00:04:46.639 --> 00:04:50.480 your set up, your customization's gone. So you are responsible 111 00:04:50.480 --> 00:04:52.720 for your data, backup, security, keeping things running. 112 00:04:52.759 --> 00:04:54.000 It takes time commitment. 113 00:04:54.040 --> 00:04:56.759 If you're the type who likes to outsource everything technical, yeah, 114 00:04:56.839 --> 00:04:57.199 maybe a. 115 00:04:57.240 --> 00:04:58.079 VPS isn't for you. 116 00:04:58.240 --> 00:04:59.839 Right, it's hands on totally. 117 00:05:00.480 --> 00:05:03.680 The author John Westfall he became a research psychologist but 118 00:05:03.759 --> 00:05:06.759 still manages his own it. That kind of tells you 119 00:05:06.839 --> 00:05:08.720 the level of self sufficiency involved. 120 00:05:08.800 --> 00:05:11.639 Okay, So if we're ready for that responsibility, the next 121 00:05:11.680 --> 00:05:14.879 big step is picking a provider. And you mentioned it's 122 00:05:14.879 --> 00:05:19.079 not like buying a car. The waters are muddier, Yeah, 123 00:05:19.120 --> 00:05:20.040 definitely muddier. 124 00:05:20.079 --> 00:05:22.879 It helps to think about providers in like three main 125 00:05:22.959 --> 00:05:26.199 groups based on price and service. First, you've got the 126 00:05:26.399 --> 00:05:28.279 low end price small shop guys. 127 00:05:28.399 --> 00:05:30.120 The bargain basement ones pretty much. 128 00:05:30.439 --> 00:05:33.560 Often one person shows advertising on places like low inbox 129 00:05:33.639 --> 00:05:36.120 dot com. Their whole thing is lowest costs. They assume 130 00:05:36.160 --> 00:05:38.360 you know your stuff technically and won't need much higher Right, 131 00:05:38.600 --> 00:05:41.279 you'll see specs like one CPU core often just a 132 00:05:41.319 --> 00:05:44.199 slice of a standard CPU, maybe twenty two gigabee and 133 00:05:44.279 --> 00:05:48.879 vme SSD storage small but fast, one gbp port plenty fast. 134 00:05:48.959 --> 00:05:52.360 Usually they might mention the OPENBZ hypervisor that's the software 135 00:05:52.360 --> 00:05:55.519 managing the virtual servers, and a location like. 136 00:05:55.439 --> 00:05:58.639 Los Angeles, so super cheap. But you're on your own largely. 137 00:05:58.680 --> 00:06:01.199 Yeah, and watch out for human reasons for downtime, like 138 00:06:01.240 --> 00:06:02.759 the owners on vacation or something. 139 00:06:02.839 --> 00:06:04.079 It demands a lot from you. 140 00:06:04.800 --> 00:06:07.600 Then you have the high end price large shop providers 141 00:06:07.759 --> 00:06:11.120 names you probably know like dream host, Blue host host. 142 00:06:10.879 --> 00:06:12.879 Gator, Okay, the bigger names, right. 143 00:06:13.079 --> 00:06:17.439 Hundreds of staff, custom portals, maybe apps, often two hundred 144 00:06:17.480 --> 00:06:20.759 for seven support. It's a more polished experience, but you're 145 00:06:20.759 --> 00:06:25.160 still responsible for your content, backups, security scans usually extra cost, 146 00:06:25.920 --> 00:06:29.480 and finally, the priced by the minute. Cloud infrastructure players 147 00:06:29.560 --> 00:06:34.600 the giants Amazon Web Services, AWS, Google Cloud, Microsoft, Azure, oh, 148 00:06:34.639 --> 00:06:37.600 the cloud providers exactly, pay only for what you use, 149 00:06:37.680 --> 00:06:40.439 often by the minute. Great for fluctuating needs like heavy 150 00:06:40.519 --> 00:06:44.639 data crunching sometimes or big website spikes during say tax season. 151 00:06:44.839 --> 00:06:46.480 AWS even has a price. 152 00:06:46.240 --> 00:06:48.560 Calculator, flexible but potentially complex. 153 00:06:48.639 --> 00:06:52.360 Can be They introduce cool concepts like autoscaling, adding resources 154 00:06:52.360 --> 00:06:57.199 automatically when needed, elasticity growing and shrinking easily, high availability 155 00:06:57.279 --> 00:07:00.560 or HA for uptime, load balancing, traffic. 156 00:07:00.680 --> 00:07:01.439 Powerful stuff. 157 00:07:01.639 --> 00:07:04.319 Okay, that's a diverse landscape. So how do you protect 158 00:07:04.319 --> 00:07:06.319 yourself legally? How do you know what you're actually signing 159 00:07:06.360 --> 00:07:06.600 up for? 160 00:07:07.040 --> 00:07:07.839 Crucial question. 161 00:07:08.480 --> 00:07:12.079 You need to look at two key documents, often buried. First, 162 00:07:12.160 --> 00:07:14.959 the terms of service tos. I think of it like 163 00:07:15.000 --> 00:07:19.199 your lease agreement. The fine print exactly, usually long, complex 164 00:07:19.279 --> 00:07:21.800 and written to protect them. It'll say they're not liable 165 00:07:21.800 --> 00:07:24.759 for your data loss or lost income, that backups usually 166 00:07:24.759 --> 00:07:28.240 cost extra. It covers maintenance, windows, bandwidth limits go over, 167 00:07:28.360 --> 00:07:31.560 you might get suspended. Wow, It'll likely say hacks aren't 168 00:07:31.560 --> 00:07:35.560 their fault. Covers billing, copyright takedowns, often forty eight hours, 169 00:07:35.879 --> 00:07:38.480 rules about porn fishing, stuff like that. You have to 170 00:07:38.480 --> 00:07:41.079 review it carefully, search for the bits that matter to you. 171 00:07:42.120 --> 00:07:44.480 The second if they offer it is the Service Level 172 00:07:44.519 --> 00:07:48.920 Agreement SLA. This is more like a legal contract guaranteeing uptime, 173 00:07:49.160 --> 00:07:52.399 often aiming for five nine's ninety nine point nine nine 174 00:07:52.480 --> 00:07:54.920 nine percent uptime, which is just over five minutes of 175 00:07:54.920 --> 00:07:57.720 downtime per year, tiny amount. If they breach the SLA, 176 00:07:57.800 --> 00:08:01.160 you might get service credits, but not all offer slas, 177 00:08:01.399 --> 00:08:04.360 and good ones often cost more or need longer contracts. 178 00:08:04.680 --> 00:08:08.000 Okay, Besides reading the legal docs, what are some practical 179 00:08:08.040 --> 00:08:10.480 red flags to watch out for when choosing Well? 180 00:08:10.600 --> 00:08:13.519 Definitely be wary of rates that seem too good to 181 00:08:13.560 --> 00:08:17.000 be true. Could be an inexperienced provider or someone trying 182 00:08:17.040 --> 00:08:19.800 to you know, hide a bad rep. Right the old 183 00:08:19.839 --> 00:08:23.079 saying you get what you pay for really applies. Higher 184 00:08:23.120 --> 00:08:26.800 price often means better support, better docks, faster help when 185 00:08:26.800 --> 00:08:27.079 you need. 186 00:08:27.079 --> 00:08:27.720 It makes sense. 187 00:08:28.000 --> 00:08:31.319 Big red flag if a company forbids you from encrypting 188 00:08:31.360 --> 00:08:34.519 your data or setting your own passwords, huge security issue. 189 00:08:34.559 --> 00:08:37.679 WHOA yeah, And be cautious if they only take untraceable 190 00:08:37.679 --> 00:08:41.080 payments like crypto or wire transfers, unless that's their whole 191 00:08:41.159 --> 00:08:45.200 known business model, which raises other questions. Always always check 192 00:08:45.200 --> 00:08:47.960 online reviews, Maybe ask questions on social media before. 193 00:08:47.720 --> 00:08:48.639 You buy good advice. 194 00:08:48.679 --> 00:08:52.039 Okay, say we've picked one, what do we need ready financially, 195 00:08:52.200 --> 00:08:53.000 time wise. 196 00:08:53.039 --> 00:08:56.720 Financially besides the VPS cost, you'll need a domain name 197 00:08:56.840 --> 00:08:59.559 that's cheap. Maybe ten twenty dollars a year for a 198 00:08:59.639 --> 00:09:03.080 decent high end provider. Maybe budget around three hundred dollars 199 00:09:03.080 --> 00:09:06.000 for the first year all in, okay, And it's a commitment, 200 00:09:06.159 --> 00:09:09.440 especially at first. Sign up is quick, maybe twenty minutes 201 00:09:09.559 --> 00:09:11.840 getting the server actually set up by the provider, could 202 00:09:11.840 --> 00:09:13.919 be ten minutes, could be twelve hours, depends. 203 00:09:14.039 --> 00:09:15.600 Then the real work starts. 204 00:09:15.320 --> 00:09:20.240 Yeah, logging in, installing the basics honestly, block out maybe 205 00:09:20.320 --> 00:09:23.960 ten twenty hours for that initial phase, including troubleshooting. Then 206 00:09:24.120 --> 00:09:27.559 plan for say thirty sixty minutes of weekly. 207 00:09:27.279 --> 00:09:28.679 Maintenance, weekly check ins. 208 00:09:28.799 --> 00:09:31.879 Definitely, And if you're moving from old hosting, keep the 209 00:09:31.879 --> 00:09:33.799 old one active for a month overlap. 210 00:09:33.840 --> 00:09:35.200 Trust me, it saves headaches. 211 00:09:35.720 --> 00:09:36.159 Smart. 212 00:09:36.360 --> 00:09:40.200 So okay, server's ready, accounts active. How do we actually 213 00:09:40.200 --> 00:09:41.000 connect to this thing? 214 00:09:41.279 --> 00:09:44.360 First step, point your domain name like theepirate dot com 215 00:09:44.399 --> 00:09:46.720 to your server's IP address. You do this with a 216 00:09:46.799 --> 00:09:50.159 DNSA record at your domain registrar. Okay, just know dinas 217 00:09:50.240 --> 00:09:52.759 changes take time to spread, maybe two four hours. It's 218 00:09:52.759 --> 00:09:55.120 called propagation based on TTL setting. 219 00:09:55.159 --> 00:09:56.600 I get wait a minute, then what Then? 220 00:09:56.639 --> 00:10:00.000 You connect using secure shell or SSH. If you're on Window, 221 00:10:00.279 --> 00:10:02.840 you'll likely use a tool called putty glee. Mac and 222 00:10:02.879 --> 00:10:05.960 Linux have SSH built in now. Instead of just passwords, 223 00:10:06.240 --> 00:10:09.919 many providers use private key files for better security. You 224 00:10:10.000 --> 00:10:13.240 download this key file once, keep it super safe. It's 225 00:10:13.360 --> 00:10:15.720 part of cryptographic authentication. 226 00:10:15.320 --> 00:10:17.360 More secure than a password, much more. 227 00:10:17.840 --> 00:10:20.399 Your computer also keeps a record of servers you connect 228 00:10:20.440 --> 00:10:23.399 to in a known hosts file. It helps stop you 229 00:10:23.440 --> 00:10:27.279 connecting to fake servers. Oh and we'll mostly use Debian 230 00:10:27.320 --> 00:10:28.879 and Sento Linux examples here. 231 00:10:28.919 --> 00:10:31.960 All right, Now, the command line for a lot of people, 232 00:10:32.039 --> 00:10:35.240 that sounds old school, maybe intimidating. 233 00:10:35.440 --> 00:10:38.039 Yeah, why is it still so key for a VPS? 234 00:10:38.360 --> 00:10:41.159 It really comes down to efficiency. Linux was built for 235 00:10:41.200 --> 00:10:44.559 a world of dumb terminals, just keyboards and screens connected 236 00:10:44.600 --> 00:10:45.480 to a central computer. 237 00:10:46.080 --> 00:10:47.240 You typed commands. 238 00:10:47.399 --> 00:10:49.799 Sounds like how we use a VPS now exactly. 239 00:10:49.840 --> 00:10:52.759 The command line is just faster, more direct, more powerful 240 00:10:52.759 --> 00:10:55.799 for managing a server. You can automate things, do complex 241 00:10:55.840 --> 00:10:58.279 stuff quickly with just text commands. It puts the power 242 00:10:58.399 --> 00:10:59.039 right in your hands. 243 00:10:59.039 --> 00:11:02.240 Okay, efficiency makes So we're logged in via SSH. What 244 00:11:02.320 --> 00:11:04.960 are the first practical steps the core commands we need? 245 00:11:05.240 --> 00:11:09.240 Well, besides SSH for login, you'll want SFTP Secure File 246 00:11:09.279 --> 00:11:13.200 Transfer Protocol, probably using a tool like cyberduc. That's for 247 00:11:13.279 --> 00:11:15.440 moving files between your computer and the server. 248 00:11:15.600 --> 00:11:17.320 Got it files back and forth. 249 00:11:17.399 --> 00:11:20.639 Crucially, first thing, create your own user account, one that 250 00:11:20.679 --> 00:11:25.039 isn't root. The root user idzero has god mode full permissions. 251 00:11:25.480 --> 00:11:27.960 Way safer to use a regular account for daily. 252 00:11:27.720 --> 00:11:30.600 Stuff and use root powers only when needed exactly. 253 00:11:30.799 --> 00:11:33.679 You use the pseudo command to temporarily elevate your privileges 254 00:11:33.720 --> 00:11:35.559 for specific tasks. Much safer. 255 00:11:35.679 --> 00:11:37.240 Okay, what about finding things? 256 00:11:37.639 --> 00:11:38.519 You got to understand? 257 00:11:38.519 --> 00:11:41.279 The Linux file system structure starts with the route directory 258 00:11:41.440 --> 00:11:45.519 key places BIN for es central programs, boot for startup files, 259 00:11:45.639 --> 00:11:47.039 Home where your user files live. 260 00:11:47.159 --> 00:11:48.200 Usually the only place you. 261 00:11:48.159 --> 00:11:49.879 Can write by default home is MySpace. 262 00:11:50.120 --> 00:11:53.840 Right, then etc for config files, varlog for logs, VROW 263 00:11:53.919 --> 00:11:56.919 for website files and moving around. You'll use CD to 264 00:11:57.000 --> 00:12:01.039 change directory, pbdwd to see where you are. Ella's list files, 265 00:12:01.159 --> 00:12:04.879 use LS for details and hidden files, LSLH for easy 266 00:12:04.919 --> 00:12:05.399 to read. 267 00:12:05.240 --> 00:12:06.919 Sizes elslow got it. 268 00:12:07.279 --> 00:12:11.440 Kat lets you view file contents. You can use wild cards, 269 00:12:11.600 --> 00:12:15.720 pipes to combine commands, very powerful for files. Touch creates 270 00:12:15.759 --> 00:12:18.960 empty ones, MV moves or renames CEP poppies, and deleting 271 00:12:19.200 --> 00:12:22.639 r M deletes. Be super careful with rmdashar that recursively 272 00:12:22.679 --> 00:12:24.279 deletes everything in a directory. 273 00:12:24.720 --> 00:12:28.240 No undo button, yikes? Okay, caution advised. 274 00:12:28.440 --> 00:12:31.320 Definitely Find helps you search for files. And if you're 275 00:12:31.360 --> 00:12:31.759 stuck on. 276 00:12:31.759 --> 00:12:34.679 A command, type man than the command name, give you 277 00:12:34.720 --> 00:12:36.840 the manual page. Look for the example section. 278 00:12:36.960 --> 00:12:38.879 Super helpful man like manual. 279 00:12:39.480 --> 00:12:40.039 Good tip. 280 00:12:40.240 --> 00:12:43.720 Oh and Linux uses links, especially symbolic links l n nds. 281 00:12:43.879 --> 00:12:45.679 They're like shortcuts to files elsewhere. 282 00:12:45.799 --> 00:12:47.000 Helps keep things organized. 283 00:12:47.039 --> 00:12:49.440 Okay, that's a good set of basics. Now a big 284 00:12:49.480 --> 00:12:51.559 part of Linux's permissions, right, who can do? 285 00:12:51.639 --> 00:12:53.519 What? Can you break that down simply? 286 00:12:53.799 --> 00:12:54.080 Yeah? 287 00:12:54.120 --> 00:12:57.440 Absolutely? Use the home ownership idea. Your VPS is your 288 00:12:57.440 --> 00:13:01.600 digital house. Every file, every folder has permission read write. 289 00:13:01.519 --> 00:13:03.320 Execute, read write execute okay. 290 00:13:03.480 --> 00:13:07.039 Is applied to three groups. The owner, you or maybe 291 00:13:07.080 --> 00:13:11.159 a system process. The group like collaborators, family and others. 292 00:13:11.200 --> 00:13:13.039 Everyone else strangers lower group others. 293 00:13:13.320 --> 00:13:15.799 Got it, so you might have full ReadWrite execute on 294 00:13:15.840 --> 00:13:18.639 your stuff. Your group might only read write a shared file, 295 00:13:19.039 --> 00:13:20.960 others might only read something public. 296 00:13:21.080 --> 00:13:21.559 Makes sense. 297 00:13:21.720 --> 00:13:24.279 You control this with CHUMD can use numbers like seven 298 00:13:24.320 --> 00:13:27.799 seven means full access for everyone usually bad or symbols 299 00:13:27.879 --> 00:13:30.879 like G plus W give right access to the group. 300 00:13:31.200 --> 00:13:34.639 Challenge changes the owner, ghg R changes. 301 00:13:34.320 --> 00:13:36.000 The group, and Root ignores all this. 302 00:13:36.279 --> 00:13:36.759 Root is the. 303 00:13:36.679 --> 00:13:39.519 Superadmin bypasses all permissions. That's why you use it carefully. 304 00:13:40.200 --> 00:13:43.919 So to use Root powers safely, you could log out 305 00:13:43.919 --> 00:13:45.320 and log back in as Root, but. 306 00:13:45.279 --> 00:13:46.720 That's risky for everyday stuff. 307 00:13:46.720 --> 00:13:49.000 You could use SUE to switch users, but the best 308 00:13:49.000 --> 00:13:53.120 way is pseudo super user. Do it lets your regular 309 00:13:53.240 --> 00:13:57.120 user run specific commands's route temporarily. It's safer and it 310 00:13:57.240 --> 00:13:59.720 logs what you did. That's the standard preferred method. 311 00:14:00.039 --> 00:14:02.759 Zudo got it limits the risk. Now let's peek under 312 00:14:02.759 --> 00:14:05.240 the hood. How does the vps actually start up? 313 00:14:05.279 --> 00:14:09.399 Okay, So basically biostarts loads a bootloader. Bootloader loads the 314 00:14:09.440 --> 00:14:13.039 kernel the core Linux os Linus Torvold's baby from nineteen kernel, 315 00:14:13.240 --> 00:14:17.320 then on modern systems like Wan nine or Cento seven onwards, 316 00:14:17.720 --> 00:14:21.200 systems takes over. It's the master process that starts and 317 00:14:21.279 --> 00:14:24.759 manages everything else network, web server, all background. 318 00:14:24.399 --> 00:14:26.679 Services, system the boss pretty much. 319 00:14:26.799 --> 00:14:30.559 It manages services, devices, mounts, swap space and targets like 320 00:14:30.799 --> 00:14:33.679 multi user dot target for command line only good for 321 00:14:33.759 --> 00:14:37.120 servers versus graphical dot target for a full desktop. 322 00:14:37.240 --> 00:14:39.559 And we manage systemed with system patal. 323 00:14:39.559 --> 00:14:42.799 It's your command center for services. System title, list, units, type, 324 00:14:42.840 --> 00:14:45.840 service shows what's running. You can stop services or disable 325 00:14:45.879 --> 00:14:47.039 them so they don't start on boot. 326 00:14:47.159 --> 00:14:49.279 Ah, so you can trim the fat exactly. 327 00:14:49.399 --> 00:14:52.320 Maybe you don't need the printing service cups running. Stop 328 00:14:52.320 --> 00:14:54.600 it if it restarts, maybe something else depends on it. 329 00:14:55.159 --> 00:14:58.480 Use system taitle reverse list dependencies cupstock service to find 330 00:14:58.480 --> 00:15:01.120 out what, then disable that. System tato lets you make 331 00:15:01.159 --> 00:15:03.559 your Linux install lean and mean for just what you need. 332 00:15:03.720 --> 00:15:07.799 Optimizing is good and keeping things secure means updates right. 333 00:15:08.080 --> 00:15:09.679 How do we handle software updates? 334 00:15:09.919 --> 00:15:14.639 Linux has great package managers. Debian uses APT Advanced Package Tool, 335 00:15:14.879 --> 00:15:18.240 Santos uses Yum or the newer DNF. You run commands 336 00:15:18.279 --> 00:15:21.320 like appt update then APPED upgrade on Debian or Yum 337 00:15:21.480 --> 00:15:22.399 update on Cento US. 338 00:15:22.519 --> 00:15:25.279 This checks for and installs updates for all your software. 339 00:15:25.399 --> 00:15:28.360 How often we strongly recommend doing this weekly keeps you 340 00:15:28.399 --> 00:15:30.519 patched against security holes, gets bug fixes. 341 00:15:30.600 --> 00:15:31.200 It's crucial. 342 00:15:31.440 --> 00:15:33.799 You can install from source code, but package managers make 343 00:15:33.840 --> 00:15:35.440 it so much easier for most things. 344 00:15:35.519 --> 00:15:37.919 Okay, weekly updates, got it. Now. 345 00:15:38.799 --> 00:15:41.720 The command line is powerful, but let's be honest, it 346 00:15:41.759 --> 00:15:45.919 can't be intimidating. Is there a friendlier option, A graphical way. 347 00:15:46.120 --> 00:15:46.519 There is. 348 00:15:46.559 --> 00:15:51.679 It's called webman, a really solid open source GUI graphical 349 00:15:51.879 --> 00:15:55.159 user interface for Linux admin been around forever, like twenty 350 00:15:55.159 --> 00:15:55.759 plus years. 351 00:15:55.799 --> 00:15:58.399 Webmin okay, but as using a GUI on a server 352 00:15:58.720 --> 00:15:59.240 frowned upon. 353 00:15:59.519 --> 00:16:03.759 Huh, there's definitely a debate. Pros webmin simplifies things, less 354 00:16:03.799 --> 00:16:07.600 chance of typos and commands. Easy user management includes usermen 355 00:16:07.720 --> 00:16:08.759 letting users manage their. 356 00:16:08.679 --> 00:16:10.080 Own stuff on cons. 357 00:16:10.080 --> 00:16:12.159 Cons you might not learn the command line as well 358 00:16:12.159 --> 00:16:14.679 if you rely on it too much. Uses more server resources, 359 00:16:14.960 --> 00:16:18.600 can be slower on small screens. Advice, use it for convenience, 360 00:16:18.639 --> 00:16:21.720 but don't get totally dependent. Keep those CLI skills sharp. 361 00:16:21.879 --> 00:16:24.279 Makes sense. So how do we install Webmin? 362 00:16:24.600 --> 00:16:27.279 Pretty easy? Use bubby a get to download the package 363 00:16:27.360 --> 00:16:30.559 Debian dot deb or CentOS dot rpm from the webmin 364 00:16:30.639 --> 00:16:34.720 site on Debian. Install with these pgi than apt get 365 00:16:35.559 --> 00:16:40.120 f install to fix any missing dependencies on Cento, YUMNOGPG 366 00:16:40.279 --> 00:16:43.600 check local install, then access at house in your browser. 367 00:16:43.679 --> 00:16:47.000 Go to https dot your Dash server dash ep dot 368 00:16:47.000 --> 00:16:49.879 one zero zero zero zero use https. You'll get a 369 00:16:49.879 --> 00:16:53.320 certificate warning at first because it's self signed. But and 370 00:16:53.360 --> 00:16:55.320 this is cool, it's really easy to get rid of 371 00:16:55.360 --> 00:16:58.320 that warning and make it properly secure. You install a 372 00:16:58.399 --> 00:17:00.799 trusted SSL certificate use let's encrypt. 373 00:17:00.919 --> 00:17:01.519 It's free. 374 00:17:01.759 --> 00:17:03.919 Usually need to patch you web server installed first because 375 00:17:04.000 --> 00:17:06.279 let's encrypt uses that to check you on the server, AmAm. 376 00:17:06.319 --> 00:17:09.599 Then inside webmen there's an SSL module. Few clicks, request 377 00:17:09.599 --> 00:17:12.759 the certificate, install it, Boom, secure padlock in your browser, 378 00:17:12.799 --> 00:17:13.519 no more warnings. 379 00:17:13.599 --> 00:17:14.079 Nice. 380 00:17:14.200 --> 00:17:16.880 And while you're at it, add two factor authentication to 381 00:17:17.039 --> 00:17:20.079 FA to your Webman login using Google Authenticator or similar 382 00:17:20.200 --> 00:17:21.960 extra security layer. Highly recommend it. 383 00:17:21.960 --> 00:17:25.319 Definitely good practice. So beyond setup, what can webmen actually 384 00:17:25.359 --> 00:17:27.279 do for managing the server day to day? 385 00:17:27.440 --> 00:17:30.680 Its strength is modules. It scans your server, finds installed 386 00:17:30.720 --> 00:17:33.920 software and gives you modules to manage them. Okay, like 387 00:17:33.960 --> 00:17:37.279 what well the webman group lets you configure webmen itself 388 00:17:37.359 --> 00:17:39.839 back up its settings. See logs of who did what 389 00:17:40.039 --> 00:17:43.519 manage Webman users the system group gives you visual ways 390 00:17:43.559 --> 00:17:47.960 to manage services, system sadle stuff, users in groups, view logs, 391 00:17:48.240 --> 00:17:49.720 configure the SSH server. 392 00:17:50.119 --> 00:17:51.920 Ah like disabling root log in. 393 00:17:51.880 --> 00:17:56.599 Easily exactly and requiling SSH keys critical stuff made easier. 394 00:17:56.960 --> 00:18:00.000 And remember usermen lets your regular users manage their own 395 00:18:00.039 --> 00:18:03.920 own email, maybe databases, simple web stuff without needing full 396 00:18:03.920 --> 00:18:04.759 admin access. 397 00:18:05.000 --> 00:18:07.920 Handy Okay. Managing the server is one thing. What about 398 00:18:08.000 --> 00:18:10.240 running cool applications on the server? What kind of stuff 399 00:18:10.240 --> 00:18:10.640 can we do? 400 00:18:11.039 --> 00:18:11.240 Oh? 401 00:18:11.400 --> 00:18:14.039