Introduction
This article introduces the steps on how to secure a Linux server.
1 Keep the Linux Kernel and software updated.
2 Change password regularly.
3 Change SSH port
4 Enable the Firewall service and block unused ports.
5 Use SSH key Instead of the password to log in to the Linux server
1 Keep the Linux Kernel and software updated
An important step of securing the system is to install system patches in time. Linux provides many necessary tools and methods to ensure the update of the system, and all security updates should be implemented as soon as possible.
Centos: yum update
Ubuntu: apt-get update && apt-get upgrade
2 Change password regularly
3 Change SSH port
4 Enable the Firewall service and block unused ports
Please enable the firewall service and configure it only to allow network traffic that you designate.
5 Use SSH key Instead of the password to log into the Linux server
Next, make these two changes:
- Disable SSH password authentication.
- Restrict root from logging in remotely.
Run the command "vi /etc/ssh/sshd_config" and ensure these lines:
PasswordAuthentication yes
PermitRootLogin yes
look like this:
PasswordAuthentication no
PermitRootLogin no
Restart the SSH service to enable your changes. Note that it is a good idea to have two active connections to your server before restarting the SSH server. Having that extra connection allows you to fix anything should the restart go wrong.
$ sudo service sshd restart