In this tutorial, we will go in excess of how to harden your Linux server against unauthorized accessibility. With these basic security practices in spot, your server will be additional secure from outside the house assaults.
Chapters:
:00 – Intro
:41 – Updating Your Method
4:34 – Making use of Automatic Updates
6:20 – Include a Confined User Account
10:22 – Harden SSH Access
16:12 – Get rid of Unused Ports
17:57 – Outro
New to Linode? Get begun below with a $100 credit →
Read the doc for more details on Securing Your Server→
Master much more about Security→
Subscribe to get notified of new episodes as they arrive out →
#Safety #Linode #ServerSecurity #Linux
Solution: Linode, Server Protection, Linux Jay LaCroix
Golden stuff
Jay, you did a good job in the video. Thanks for explaining everything.
I would make a suggestion to all you Windows 10 users that are PowerShell users when it comes a time in the video to copy your ssh key over, make sure you create the directories in the user profile on the Linode server ((mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys) and (chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys)), and then use this PowerShell command to copy key over (type $env:USERPROFILE.sshid_rsa.pub | ssh USERNAME@12.34.56.789 "cat >> .ssh/authorized_keys")
Hi, I got a problem, when I try to access as you at 15:40 I can't access, ask me for a password, Wich I don't know what's the password
ssh "ip address"
"my user"@"linode-ip's password"
I followed all your steps what can I do?
5:00 Automatic updates with:
$ apt install unattended-upgrades
$ dpkg-reconfigure –priority-low unattended-upgrades
6:08 Confirm usage of unattended-upgrades
7:00 Create a new user
7:37 # ls /home
7:43 # cat /etc/passwd
7:55 Check whether sudo is installed or not: # which sudo
8:20 visudo
8:30 Make that new user a member of either those two groups (sudo or admin)
9:10 Otherwise # usermod -aG [sudo,admin,wheel] userName
9:36 # groups userName
9:52 Make sure that sudo works: # su – userName
10:02 Make sure sudo actually works: $ sudo apt update
14:23 allowUsers user1 user2 etc
15:15 $ sudo systemctl restart sshd
16:20 List all ports that are actually listening for outside connections $ sudo ss -atpu
17:20 $ sudo apt remove postfix
5:00 One question concerning "automatic upgrades". Will the system reboot automatically? or do we still have to reboot it ourselves? What if automatic rebooting, as a result of unattended-upgrades, affects the web applications or containers?
I am forever subscribed ! Thank you for this!! Please keep it up :)))
How to do hardening via ansible play book
Great Video! Thank you for this. Can you do one about firewall configuration.
Thank you for this video.
Great video, really helpful content.
Really Great and Useful Video! Thank you Linode!
I've gone through this multiple times but can't figure out why mine only switch between root and my user@localhost, whereas yours has jay@webserver and jay@laptop. Whether that's relevant I do not know, but I get to the key and up to the point where you ssh into the linode is the same, but I still have to enter a password. I'm sure there's a detail I missing if my result is different but I'm at a complete loss.
I have been through every guide and cannot figure out why its still prompting me for password entry. I'm accessing a linode that runs on ubuntu 18.04 LTS from my local device (laptop) using an ubuntu 20.04 LTS terminal.
I follow your steps exactly and it does not work.
I follow your steps exactly + going into /etc/ssh/sshd_config and deleting "#" next to "PubKeyAuthentication yes" and deleting the "#" next to "PasswordAuthentication no" to enable the lines then save, exit log back in and it still prompts me for a password.
My starting user in my laptop terminal is <MicrosoftUser>@<DeviceName> so I enter ssh root@<linodeIP> and it prompts for password. Do I need to copy the public key to my local device as well?
when I `$ exit ` it switches back to root and does not logged out. I also have to prepend the user with `@` and the ip address to log in. I can't log in just ssh and ip address… the latter after setting up ssh and testing on another terminal tab that it works the former right in the beginning when we first log out.
I personally like how Linode is featuring some of my favorite Youtubers. Wolfgang was also featured on Linode's channel. Thanks Linode!