imthenachoman/How-To-Secure-A-Linux-Server
原文摘要
An evolving how-to guide for securing a Linux server. How To Secure A Linux Server An evolving how-to guide for securing a Linux server that, hopefully, also teaches you a little about security and why it matters. Table of Contents Introduction Guide Objective Why Secure Your Server Why Yet Another Guide Other Guides To Do / To Add Guide Overview About This Guide My Use-Case Editing Configuration Files - For The Lazy Contributing Before You Start Identify Your Principles Picking A Linux Distribution Installing Linux Pre/Post Installation Requirements Other Important Notes Using Ansible Playbooks to secure your Linux Server The SSH Server Important Note Before You Make SSH Changes SSH Public/Private Keys Create SSH Group For AllowGroups Secure /etc/ssh/sshd_config Remove Short Diffie-Hellman Keys 2FA/MFA for SSH The Basics Limit Who Can Use sudo Limit Who Can Use su Run applications in a sandbox with FireJail NTP Client Securing /proc Force Accounts To Use Secure Passwords Automatic Security Updates and Alerts More Secure Random Entropy Pool (WIP) Add Panic/Secondary/Fake password Login Security System The Network Firewall With UFW (Uncomplicated Firewall) iptables Intrusion Detecti…