BIP KB:
How To Lock Down Your Linux Server For Additional Security
![]() |
Introduction to Linux SecurityLinux Security. Most people rarely secure a freshly installed server right off the bat, but in the world we live in this is an absolute must. So if it’s so important to, why do so many people wait and do it last, if at all? I’m as guilty as the next person. It often comes down to just wanting to to start developing and doing the fun stuff. Hopefully this tutorial will show that it is far better secure your server first, and have the peace of mind that attacks are being blocked. With that said, this tutorial provides a way to lock down your linux Ubuntu/Debian and CentOS servers to help prevent online intruders from getting in. So lets get started! |
For Ubuntu/Debian Servers:
Step 1 - Connect to server shell using your favorite SSH client.
Step 2 - Create a user:
adduser username
Step 3 - Grant user sudo access:
Usermod -a -g sudo username
Step 4 - Log out of the server:
Logout
Step 5 - Login as the new user:
ssh username@hostname
CentOS, RHEL or other RPM-based distros:
Step 1 : Create user:
adduser username
Step 2 : Assign user password:
passwd username
Step 3 : Grant user sudo access:
vi sudo
Username all=(all) all
Step 4 : When finished, press ‘Esc’ and type the following:
:wq
Step 5 : Log out of server:
logout
Step 6 : Login as the new user:
ssh username@hostname
To stay even more secure, you can generate a key-pair for certificate-based authentication:
In an SSH session, apply the following steps:
Step 1: Generate key pair:
ssh-keygen
Step 2: A message will come up asking to create a filename, create the desired filename or accept defaults.
Note: Optionally, a passphrase can be generated for the key being used.
Step 3: Once the keys have been generated, they can be copied over to the host.
Scp ../id_rsa.pub username@hostname Mkdir .ssh
Staying on top of Linux Security
After completing the Linux Security steps above you should now have a server that is locked down and ready to use. Please keep in mind that this is not the end all to server security. Always Stay on top of updates and patches and test them in a non-production environment first. Always close unused ports, and check your logs on a regular basis, and know your servers inside-and-out.
Tags: Security, centos, ubuntu, debian, Server, linux security, linux server, Lock Down, Server Security
Spin Up A VPS Server In No Time Flat
Simple Setup
Full Root Access
Straightforward Pricing
DEPLOY A SECURE VPS SERVER TODAY!Leave a Reply
Feedbacks
![]() This work is licensed under a Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International License. |