安全强化你的 Linux 服务器的七个步骤-白红宇

安全强化你的 Linux 服务器的七个步骤

阅读量：196 次

发布时间：2019-02-28

本文共 1528 字，大约阅读时间需要 5 分钟。

??????Linux???????

?????????????????????????????????????????Linux??????????

1. ????????????

???????????????????????????????????????????????????????????

? Ubuntu ? Debian ??
```
sudo apt update && sudo apt upgrade -y
```

? Fedora?CentOS ? RHEL ??
```
sudo dnf upgrade -y
```

2. ??????

??????????????root??????????????????????sudo???

??????
```
sudo adduser
```

??usermod????????sudo???
```
sudo usermod -a -G sudo
```

3. ??SSH??

??SSH?????????????ssh-copy-id?????????????????

???????????
```
ssh-copy-id @ip_address
```

????????????????????

4. ????SSH??

????????????????SSH?????????

??SSH?????
??/etc/ssh/sshd_config?????????
```
PasswordAuthentication no
```

??root?????
```
PermitRootLogin no
```

??IP?????
??AddressFamily?????SSH?????IPv4???
```
AddressFamily inet
```

??SSH???

? Ubuntu ??

sudo service sshd restart

? Fedora ? CentOS ??

sudo systemctl restart sshd

5. ?????

????????????????????????????Ubuntu??ufw????????????????

??UFW?
```
sudo apt install ufw -y
```

????????

sudo ufw allow sshsudo ufw allow httpsudo ufw allow https

??????
```
sudo ufw enable
```

????????
```
sudo ufw status
```

6. ??Fail2ban

Fail2ban??????????????????????????IP???

??Fail2ban?
```
sudo apt install fail2ban -y
```

???????

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

??Fail2ban???
```
sudo service fail2ban restart
```

?????
```
sudo fail2ban-client status ssh
```

7. ????????

??????????????????????????ss??????????????

??????????
```
sudo ss -atpu
```

?????????
? Debian/Ubuntu ??
```
sudo apt purge
```
? Red Hat/CentOS ??
```
sudo yum remove
```

??????????????Linux?????????????????????????????????????????????????????????????????????????????????????????????

转载地址：http://peti.baihongyu.com/

你可能感兴趣的文章

OpenMCU(三)：STM32F103 FreeRTOS移植

查看>>

OpenMCU(三)：STM32F103 FreeRTOS移植

查看>>

OpenMCU(二)：GD32E23xx FreeRTOS移植

查看>>

OpenMCU(五)：STM32F103时钟树初始化分析

查看>>

OpenMCU(四)：STM32F103启动汇编代码分析

查看>>

OpenMetadata 命令执行漏洞复现(CVE-2024-28255)

查看>>

OpenMMLab | AI玩家已上线！和InternLM解锁“谁是卧底”新玩法

查看>>

OpenMMLab | S4模型详解：应对长序列建模的有效方法

查看>>

OpenMMLab | 【全网首发】Llama 3 微调项目实践与教程（XTuner 版）

查看>>

OpenMMLab | 不是吧？这么好用的开源标注工具，竟然还有人不知道…

查看>>

OpenMMLab | 如何解决大模型长距离依赖问题？HiPPO 技术深度解析

查看>>

OpenMMLab | 面向多样应用需求，书生·浦语2.5开源超轻量、高性能多种参数版本

查看>>

OpenMP 线程互斥锁

查看>>

OpenMV入门教程（非常详细）从零基础入门到精通，看完这一篇就够了

查看>>

OpenObserve云原生可观测平台本地Docker部署与远程访问实战教程

查看>>

openoffice使用总结001---版本匹配问题unknown document format for file: E:\apache-tomcat-8.5.23\webapps\ZcnsDms\

查看>>

views

查看>>

OpenPPL PPQ量化(2)：离线静态量化源码剖析

查看>>

OpenPPL PPQ量化(3)：量化计算图的加载和预处理源码剖析

查看>>

OpenPPL PPQ量化(4)：计算图的切分和调度源码剖析

查看>>