Cyber Security Home Page

Securing Linux Machines

This part of the page will cover the different methods that can be used to help secure Linux this is important especially in a production environment Linux security

Automatic updates

Linux security

sudo apt install unattended-upgrades

sudo dpkg-reconfigure –priority=low unattended-upgrades

need to ensure the – is – –

admin user not root

create an admin user instead of the root account

useradd “username” -m -s /bin/bash

usermod -aG sudo,adm,docker –“username”

passwd “username” (set strong)

SSH Keypair with systems

On the client side

                Ssh-keygen  -b 4096 -c “what is if for comment”

On server side

                Cd /home/”username”

                Mkdir .ssh

On the client side


—–note may need to do this command

On server side

Chown -R username:username .ssh

On server side (disable login)

Sudo nano /etc/ssh/sshd_config

Permit root login set to no from yes

Password authentication to no to yes

Sudo systemctl restart ssh

Access proxy (teleport)

Access proxy can be used for ssh in a team environment an example of this is teleport

Records the sessions.

Don’t expose unused ports

Ss -ltpn – find out all ports used

Firewall rules

Always allows sudo ufw allow 22

Sudo ufw enable

This activates the firewall

Sudo ufw status

Gives you that ports allowed

Doesn’t work for docker

Unsecure connections

Reverse proxy for the docker containers

http passwords are not encrypted

use traefik for reverse proxy

IPS systems

sudo apt install fail2ban
systemctl start fail2ban
cd /etc/fail2ban/
sudo cp fail2ban.conf fail2ban.local #copy to local
sudo cp jail.conf jail.conf #copy to local
sudo fail2ban-client status
sudo nano jail.local #edit the number of retries allowed

Securing Linux Machines

How To Guides+

Hardware Guides