How to Secure a Linux Server (or Desktop)

In this video, I go over six steps you can take to secure your Linux server.
Although I focus on Linux SERVERS in this video, you can take most of these points and apply them to a Linux desktop.

Chapters:
0:00 Introduction
1:13 Updates
5:48 SSH
11:17 Services
13:53 User Management
15:01 Firewall
17:00 Encryption
17:50 SELinux & AppArmor

Links:
How to enforce password complexity on Linux: https://www.networkworld.com/article/930846/how-to-enforce-password-complexity-on-linux.html
SELinux Documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/using_selinux/getting-started-with-selinux_using-selinux
AppArmor Documentation: https://ubuntu.com/server/docs/security-apparmor

Commands used in this video:
Check for updates (Ubuntu/Debian only): sudo apt update
Install updates (Ubuntu/Debian only): sudo apt upgrade
Edit unattended-upgrades configuration (Ubuntu/Debian only): sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
Apply changes to unattended-upgrades configuration (Ubuntu/Debian only): sudo systemctl restart unattended-upgrades
Generate an SSH keypair (to be done on your local computer): ssh-keygen
Make « .ssh » folder (you may already have this): mkdir ~/.ssh
Add your PUBLIC key as an authorized key: nano ~/.ssh/authorized-keys
Edit SSH configuration: sudo nano /etc/ssh/sshd_config
Delete an additional SSH configuration file that keeps password authentication enabled (Ubuntu only): sudo rm /etc/ssh/sshd_config.d/50-cloud-init.conf
Disable root user (NOTE: The root user is disabled by default on Ubuntu): sudo passwd -l root
Remove sudo privileges for a user: sudo deluser [username] sudo (example: sudo deluser drew sudo)
Delete a user: sudo deluser [username] (example: sudo deluser drew)
Configure password policies: sudo nano /etc/pam.d/common-password
Configure faillock module: sudo nano /etc/security/faillock.conf
Enable ufw: sudo ufw enable
Open a port on ufw: sudo ufw allow [port]/[protocol (optional)] (example: sudo ufw allow 22/tcp)
Show ufw rules: sudo ufw status numbered
Delete a ufw rule: sudo ufw delete [rule number] (example: sudo ufw delete 1)

Join this channel to get access to perks:
https://www.youtube.com/drewhowdentech/join

Views : 431
linux

Source by Drew Howden Tech