Ubuntu/Setup Server
From r00tedvw.com wiki
(Difference between revisions)
(→SSH) |
(→SSH) |
||
| Line 45: | Line 45: | ||
... | ... | ||
</nowiki> | </nowiki> | ||
| + | *install fail2ban | ||
| + | <nowiki>~$ sudo apt-get update && sudo apt-get install fail2ban -y </nowiki> | ||
| + | *set ban time to 24 hours | ||
| + | <nowiki>~$ sudo vi /etc/fail2ban/jail.conf | ||
| + | ... | ||
| + | bantime = 86400 | ||
| + | ... | ||
Revision as of 01:17, 15 August 2015
Contents |
Overview
Quick checklist of things to install while setting up a new LAMP server
Security
Local
- Create new account
~$ adduser newuser Adding user `newuser' ... Adding new group `newuser' (1000) ... Adding new user `newuser' (1000) with group `newuser' ... Creating home directory `/home/newuser' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for newuser Enter the new value, or press ENTER for the default Full Name []: newuser Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] y
- Add new user to sudoer group
~$ visudo # User privilege specification root ALL=(ALL:ALL) ALL newuser ALL=(ALL:ALL) ALL
SSH
- start SSH listening on non-standard port
~$ sudo vi /etc/ssh/sshd_config ... # What ports, IPs and protocols we listen for Port 22 Port 2222 ...
- remove root from remote login
~$ sudo vi /etc/ssh/sshd_config ... PermitRootLogin no ...
- install fail2ban
~$ sudo apt-get update && sudo apt-get install fail2ban -y
- set ban time to 24 hours
~$ sudo vi /etc/fail2ban/jail.conf ... bantime = 86400 ...
