I have been slowly getting to know Linux commands on the Command Line Interface (CLI) over the last few months. And today was truly a great day, as I got to “harden” some of my servers by following these steps:
- Turn-on Automatic Updates
- Add a new limited (non-root) user
- Setup SSH Key-pairs
- Modify /etc/ssh/sshd_config to
- lockout all passwords
- change to only recognize IPv4
- change the default SSH port
- Add a Firewall
I won’t be able to follow all of these steps for all Servers, because some of them require Root for other installed packages/software (like Proxmox, etc) to continue working, but I’m endeavoring to at least get all of my servers completed up to Step-3. So, progress!