
17 Dec, 18

How to secure the Linux VPS?

  • by Sophia H
  • in Linux


Nowadays the use of Linux servers on the Internet has grown enormously, and security is an important topic that we have to pay attention to.

In this article, we are going to study seven key points for security in Linux servers step by step.

 

7 Key points for Linux Security

  1. Using complex and unpredictable passwords
  2. Disable login with root user
  3. Restricting user login
  4. Disable protocol 1
  5. Use non-standard ports
  6. Filtering SSH connections with the firewall
  7. Use security keys to verify identity

 

  1. Using complex and unpredictable passwords

The first step in securing Linux is to choose a complex password.

As a first step, hackers try to break your password with a brute-force attack and infiltrate your system. If you use a complex password, the hacker's work becomes much more difficult.

Here are a few tips for choosing a complex password:

  • Use at least 8 characters
  • Use upper and lower case letters
  • Put numbers between letters
  • Use non-numeric and non-letter characters

Use the command below to change a user's password:

passwd username

To change the root password:

passwd root

  2. Disabling login with root user

Disabling login with the root user means that you cannot use the root user when logging into the Linux terminal.

To disable login with the root user, follow these steps:

Open the file /etc/ssh/sshd_config with an editor:

nano /etc/ssh/sshd_config

Look for the following statement in this file and change the word yes to no:

# Prevent root logins:
PermitRootLogin no

Save the file and restart the SSH service so that the change takes effect:

service ssh restart

  3. Restrict user logins

You may have a lot of usernames on your server, but only a few of them need to log in.

For example, you have 10 users on Linux, but only Sophia and Emma should be able to connect to the server remotely.

To restrict Linux users, open the sshd_config file with an editor:

nano /etc/ssh/sshd_config

After the file is opened, add the following line:

AllowUsers Sophia Emma

Save the file and restart the SSH service so that the change takes effect:

service ssh restart

  4. Disabling protocol 1

The SSH service works with 2 protocols, called protocol 1 and protocol 2. Protocol 1 is less secure, so it's better to use protocol 2 in your communications. To disable protocol 1, open the sshd_config file again with the editor:

nano /etc/ssh/sshd_config

Find the following statement and change it to "Protocol 2":

# Protocol 2,1
Protocol 2

Save the file and restart the SSH service so that the change takes effect:

service ssh restart

  5. Use non-standard ports for SSH

The default SSH service port is 22, and hackers check this port first. In some cases, administrators change the SSH port to 2222, but you should know that hackers will surely scan port 22 and, if they do not get a result, their second choice is port 2222. It's better to choose a port with many digits that is not reserved for another service. The best choice is between 10,000 and 65,000, where most ports are free.

 

  6. Filter SSH connections with a firewall

If you only connect to the server remotely and always from one particular IP, you can use the following command to limit the SSH service to your connection:

iptables -A INPUT -p tcp -s 5.56.233.9 --dport 22 -j ACCEPT

By entering the above command, you can only connect to the server from a system that has the IP address 5.56.233.9.

If you want to access the server from all locations, enter the commands below:

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name ssh --rsource

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT

The first command applies to port 22 for all IPs: it records the source address of each new connection in a list named ssh.

With the second command, the firewall automatically blocks an IP that sends multiple requests in less than 60 seconds: a new connection is accepted only if its source address has made fewer than 4 new connections in the last 60 seconds.

Note: For the second command to work properly, you must add the default DROP policies.

 

  7. Use security keys to verify identity

Using security keys has two main security advantages.

  1. You can access your terminal without entering a password.
  2. You can disable password login completely, so that no password is required to connect to the server.

This feature protects against possible attacks such as brute force.
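As an added example (not part of the original article), the shell function below checks a configuration file for the settings from points 2 to 5 and 7. The name audit_sshd, the check labels and the sample file are constructed for illustration; the function reads only the global section of the file and does not follow Include files.

```sh
#!/bin/sh
# audit_sshd FILE: check the global section of an sshd_config-style file against
# the SSH items in this article. Prints PASS/FAIL per check; returns 1 on any FAIL.
audit_sshd() {
    awk '
    function report(ok, name) { printf "%s %s\n", (ok ? "PASS" : "FAIL"), name; if (!ok) bad = 1 }
    NF == 0 || $1 ~ /^#/ { next }            # skip blank lines and comments
    {
        key = tolower($1); $1 = ""; value = $0; sub(/^ +/, "", value)
        if (key == "match") exit             # Match blocks are conditional: stop here
        if (key == "port") { ports++; if (value + 0 == 22) port22 = 1 }
        else if (!(key in conf)) conf[key] = value   # sshd keeps the first value seen
    }
    END {
        report(tolower(conf["permitrootlogin"]) == "no", "root login disabled")
        report(conf["allowusers"] != "", "logins restricted with AllowUsers")
        # Assumption: an unset Protocol means the installed sshd defaults to protocol 2.
        report(!("protocol" in conf) || conf["protocol"] !~ /1/, "protocol 1 disabled")
        report(ports > 0 && !port22, "SSH moved off port 22")
        report(tolower(conf["passwordauthentication"]) == "no", "password login disabled")
        exit bad + 0
    }' "$1"
}

# Constructed sample input (not from a real server): every check should fail.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PermitRootLogin no
Port 22
Protocol 2,1
PermitRootLogin yes
PasswordAuthentication yes
EOF
audit_sshd "$sample" || echo "sample config fails the checklist"
rm -f "$sample"
```

On a live server, `sshd -T` prints the effective configuration in the same keyword and value form, so its output can be saved to a file and checked the same way.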

I hope this article will be helpful to you.

Sophia H

My name is Sophia H. My degree is MS in Information Technology Engineering. I have been working for 5 years on Java developing (j2ee), Computer Networking (Optical Networks), Virtualization and Hosting.