| Table of Contents |
|---|
Introduction
Outlined here are the steps to ensure your Ubuntu server has basic security.
...
- adm - so staff can view logs in apps setup without having to use the sudo command
Here is the command,
| Code Block | ||
|---|---|---|
| ||
sudo usermod -a -G adm bhitch sudo usermod -a -G adm jcassaday sudo usermod -a -G adm wellis |
...
Disable Direct Login as Root Through SSH
Normally having permit root login in ssh in Ubuntu is not a security issue. Root is simply disabled in the OS. This is a hosted Ubuntu only step where often the root account is enabled. This is dangerous because there are attackers out there looking for Unix/Linux boxes and trying to login via ssh using the username root and then a list of common passwords.
| Note |
|---|
I do not going down the route of disabling the root account as this might break the hosted Ubuntu setup. For example, Slice's or Rackspace special terminal console login might stop working. In any event, the vector of attack is SSH login. To prevent users from using root, well don't provide the root password and provide sudo privileged accounts as shown in this article. |
Connect to SSH as a staff user and edit sshd_config,
...
According to the developers, Fail2ban version 0.9 will include an unban command through it's own client program.
Triggers to Detect Suspicious Activities
More
This is basic Ubuntu Security. There is more.
| Note |
|---|
This article can be enhanced with a strategy and write up on the following triggers,
|