Today I Hardened some of my Servers

I have been slowly getting to know Linux commands on the Command Line Interface (CLI) over the last few months.  And today was truly a great day, as I got to “harden” some of my servers by following these steps:

  1. Turn-on Automatic Updates
  2. Add a new limited (non-root) user
  3. Setup SSH Key-pairs
  4. Modify /etc/ssh/sshd_config to
    1. lockout all passwords
    2. change to only recognize IPv4
    3. change the default SSH port
  5. Add a Firewall

I won’t be able to follow all of these steps for all Servers, because some of them require Root for other installed packages/software (like Proxmox, etc) to continue working, but I’m endeavoring to at least get all of my servers completed up to Step-3.  So, progress!