AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Ssh device over internet11/25/2023 The next step is to copy the SSH key to the Ubuntu server. You can specify a different location to save the keys if you like. SSH keys are the recommended way to log into any Linux server environment remotely.īack in our client machine (not on the server) let's create a pair of keys - private and public keys. Let's work on improving the configurations of our SSH server. This is one of the major vectors of attack by hackers on Linux exposed on the internet. Which is the default SSH server software used within Ubuntu. Most Linux servers are administered remotely using SSH using OpenSSH technology. The default configuration will automatically retrieve new package updates for most of the packages included in the Ubuntu repositories. Install unattended upgrades and enable itĪfter installing just enable the service and we should be good. The purpose of unattended-upgrades is to keep the computer current with the latest security (and other) updates automatically. Unattended-Upgrade is a service that regularly checks and updates the OS packages. $ sudo ufw allow 22Īllowing port 22 (SSH default port) on the UFW firewallĭon't forget to use sudo - we should be using the secondary user instead of the root $ sudo ufw default deny incomingĭeny all incoming by default, allow outgoing, and finally enable the ufw serviceĭeny all incoming by default, allow outgoing, and finally enable the ufw service $ sudo ufw statusĭisplaying Status of ufw Service Displaying Status of ufw Service With the use of ufw it's very simple to allow or block a port. UFW is the default firewall system (under the hood is the great IPTables) in Ubuntu Server. Now we're able to use sudo in front of a command to run as administrative rights. $ usermod -aG sudo secondary Including the Secondary user in the sudo group Run usermodcommand to include secondary into sudo group. The next step is to grant the use sudo command when necessary. Now we have a user with fewer privileges. We should answer some questions (starting with the password) and we shall have the user. $ adduser secondary Creating the Secondary User # create a regular user with name secondary Execute the following command in our bash shell. Logged as the root user let's create a non-root user called secondary. To accomplish that let's create a non-root user and use the sudo command to elevate our privileges only when necessary. Operating System: Ubuntu Server 20.04 - but it also working for different flavors of Linux.įirst thing first: Never use the root user for non-privilege tasks. Password: generated with a password generatorĭescription: Non Root user for daily basis access Use config file in SSH client for easier connection.Creating a non-root user and use eventually elevated privileged.Let's go through some often and ease configurations that will make it an attacker hard if trying to access your machine. Often managed using an SSH connection we must secure our machines as much as we can against hacker attacks. Exposing virtual machines to the internet it's not an easy task.
0 Comments
Read More
Leave a Reply. |