Securing Linux Machines
This part of the page covers methods that help secure Linux, which is especially important in a production environment.
Automatic updates
sudo apt install unattended-upgrades
sudo dpkg-reconfigure --priority=low unattended-upgrades
Note: the option must start with two hyphens (--), not a single long dash.
Admin user, not root
Create an admin user instead of using the root account
useradd "username" -m -s /bin/bash
usermod -aG sudo,adm,docker "username"
passwd "username" #set a strong password
SSH Keypair with systems
On the client side
ssh-keygen -b 4096 -C "comment describing what the key is for"
On server side
cd /home/"username"
mkdir .ssh
On the client side
ssh-copy-id -i ~/.ssh/id_rsa.pub username@host
Note: you may also need to run this command
On server side
chown -R username:username .ssh
On server side (disable login)
sudo nano /etc/ssh/sshd_config
Set PermitRootLogin to no (from yes)
Set PasswordAuthentication to no (from yes)
sudo systemctl restart ssh
Access proxy (Teleport)
An access proxy can be used for SSH in a team environment; one example is Teleport.
It records the sessions.
Don’t expose unused ports
ss -ltpn #find out all ports in use
Firewall rules
Always allow SSH (port 22):
sudo ufw allow 22
sudo ufw enable
This activates the firewall
sudo ufw status
Shows which ports are allowed
This doesn't work for Docker
Insecure connections
Use a reverse proxy for the Docker containers
Passwords sent over HTTP are not encrypted
Use Traefik as the reverse proxy
IPS systems
sudo apt install fail2ban
sudo systemctl start fail2ban
cd /etc/fail2ban/
sudo cp fail2ban.conf fail2ban.local #copy to local
sudo cp jail.conf jail.local #copy to local
sudo fail2ban-client status
sudo nano jail.local #edit the number of retries allowed