+370 5 205 5502 sales@monovm.com

7 ways on securing your Linux Server. From creating complex passwords to filtering SSH connections.

17

Dec, 18

7 Tips on Increasing The Security Of Linux Servers

Nowadays the use of Linux servers on the cyber-space has grown enormously and with it the amount of possible threats. Now more than ever, security has become an important factor.

In this article, we will go through seven key factors for increasing the security on Linux Servers.

7 Key points for Linux Security

  1. Using complex and unpredictable passwords
  2. Disable login with root user
  3. Restricting user login
  4. Disable protocol 1
  5. Use non-standard ports
  6. Filtering SSH connections with the firewall
  7. Use the Security Keys to identify the identity

Let's get to the nitty-gritty details!

  • Using complex and unpredictable passwords

The utmost important step in securing a Linux VPS is to choose a strong password.

First attemp by hackers will be to use Brute Force attacks to infiltrate your system. Having a complex and unpredictable password makes it nearly impossible for them to gain access to your server.

Here are a few tips to choose a sophisticated password:

  • Use at least 12 characters
  • Use upper and lower case letters
  • Put numbers between letters
  • Use non-numeric and non-letter characters

To learn more about how to make strong passwords have a read here. 

Use below code to change the password:

passwd username

To change the root password:

passwd root

 

  • Disabling login with root user

Being a root user will give you all the powers tio make any kind of changes on your Linux Terminal. Disabling login with root user means that the person logging in will no longer be able to use the root privilages. This is a great safety measure to follow because in order to access root privilages the user will have to provide the password again.

In order to disable loggin in with root user, follow these steps:

Open the file “etc/ssh/sshd_config/” with one editor:

nano /etc/ssh/sshd_config

Look for the following statement in this file and change the word yes to no.

# Prevent root logins:

 

PermitRootLogin no

 Restart the SSH service after making changes and save the file.

service ssh restart

 

  • Restrict user logins

You might have a lot of usernames on your server, but you only need a few of the accounts to be logged in.

Let's assume you have 10 users on Linux, but only two people (Sophia and Emma) should be allowed to connect remotely to the server.

To restrict Linux users, open the sshd_config file with an editor.

nano /etc/ssh/sshd_config

After the file is opened,

AllowUsers Sophia Emma

Restart the SSH service after making changes and save the file.

Service ssh restart

 

  • Disabling protocol 1

The SSH service works with 2 protocols namely protocol 1 and protocol 2. Protocol 1 has lesser security compared to the other, so it's better to use protocol 2 in your communications. 

In order to disable protocol 1, open the sshd_config file with an editor.

nano /etc/ssh/sshd_config

Find the following statement and change to "protocol 2".

# Protocol 2,1

 

Protocol 2

Restart the SSH service after making changes and save the file.

Service ssh restart

 

  • Use non-standard ports for SSH

The default SSH service port is 22, so hackers will check this port before anything else. In some cases, administrators change the SSH port to 2222, but you should know that hackers will surely scan the port 22 and if they get no result, their second choice will be the port 2222. It's better to use the ports with a lot of digits that are not reserved for other services. The best choice is between 10,000 and 65,000, in which most of them are free.

 

  • Filter SSH connections with a firewall

If you only connect remotely to the server and use a particular IP, you can use the following command to isolate your connection to the SSH service.

iptables –A INPUT –p tcp –s 5.56.233.9 –dport 22 –j –ACCEPT

By entering the above command, you can only connect to the server from a system that has an IP address of 5.56.233.9.

If you want to access the server from all locations, enter below commands:

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name ssh –rsource

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT

In the first command, you open access to port 22 for all IPs.

In the second command firewall automatically blocks the IPs that send multiple requests in less than 60 seconds.

Note: To properly execute the second command, you must add the default DROP policies.

  • Use the Security Keys for identification

Using the Security Keys has two main security advantages.

  1. You can access your terminal without entering a password.
  2. You can disable password logging completely so that no password is required to connecting to the server.

This feature protects against possible attacks such as Brute Force.

We hope this article has been helpful to you, and if you have any questions or if there are some other ways to protect your Linux server, mention in the comments below.

Sophia H

My name is Sophia H. My degree is MS in Information Technology Engineering. I have been working for 5 years on Java developing (j2ee), Computer Networking (Optical Networks), Virtualization and Hosting.