5 Easy Tweaks to increase your Linux Server's Security

preview_player
Показать описание
In the second episode of my Enterprise Linux Security series, I'll show you 5 easy tweaks you can make to enhance the security of your Linux server. Ubuntu Server will be shown as the example distribution, but most of these tweaks can be done on any distro with some modifications to the syntax as necessary.

Time Codes:
00:00 - Intro
03:27 - Tweak 1: Adding a non-root user
08:06 - Tweak 2: Install updates
10:47 - Tweak 3: Setting up unattended-upgrades
20:31 - Tweak 4: Locking down Openssh
32:26 - Tweak 5: Installing Fail2ban

# LearnLinuxTV Links
🐧 Main site:

🐧 LearnLinuxTV Community:

# Support LearnLinuxTV (commission earned)
📖 Check out Jay's latest book, Mastering Ubuntu Server 4th Edition. Covers Ubuntu 22.04!

☁️ Support LearnLinuxTV and Set up your own cloud server with Akamai Connected Cloud:

🙌 Support me on Patreon and get early access to new content!

☁️ Check out Extended Lifecycle Support to keep your end-of-life distributions supported for a longer period of time:

🛒 Affiliate store for Linux compatible hardware/accessories (commission earned):

💻 Check out the Tiny Pilot KVM for your Homelab (commission earned):

# About Me
🐦 Follow me on Twitter!

👨 More about me:

# Recommended evergreen videos:
💽 How to create a bootable flash drive for installing Linux

🐧 OpenSSH Guide

📖 LVM Deep-dive:

🔐 How to better secure OpenSSH:

☁️ How to create a cloud Linux server with Linode:

*📘 FAQ*

#Server #Linux #Security
  1. Learn Linux TV
  2. Linux
  3. Tutorial
  4. Review
  5. Howto
  6. Guide
Рекомендации по теме
5 Easy Tweaks 0:40:05

5 Easy Tweaks to increase your Linux Server's Security

5 EASY BIOS 0:08:01

5 EASY BIOS Tweaks that Increase AMD RYZEN PERFORMANCE & FPS

5 Simple Tweaks 0:03:31

5 Simple Tweaks to Get the Best Picture Settings for Your TV

5 Simple Tweaks 0:06:11

5 Simple Tweaks That Can Boost Your Trading Results

Best PC Settings 0:45:17

Best PC Settings for COD Modern Warfare 3 SEASON 5! (Optimize FPS & Visibility)

HUGE PERFORMANCE BOOST 0:18:39

HUGE PERFORMANCE BOOST - Hell Let Loose Graphics Settings Guide

3 EASY BIOS 0:03:53

3 EASY BIOS tweaks that increase AMD RYZEN PERFORMANCE & FPS - 3 Minutes or Less

5 easy Ableton 0:04:35

5 easy Ableton Live Tweaks that will instantly 100% IMPROVE your Work Flow

How to make 0:09:49

How to make your phone run faster: 5 easy tricks | Boost your phone speed with these 5 tricks

make Windows boot 0:02:07

make Windows boot FASTER! with these easy settings 😍 [windows 10/11]

5 SIMPLE Pytest 0:14:15

5 SIMPLE Pytest tricks to improve your tests

3 EASY FREESTYLE 0:00:16

3 EASY FREESTYLE TRICKS YOU CAN LEARN! ⚽⚽⚽ #football #skills #shorts

5 Easy Tricks 0:09:16

5 Easy Tricks for 90% Headshot rate (beginner/ intermediate) 2023- freefire

BOOST your ROG 0:12:49

BOOST your ROG ALLY performance with easy tweaks!

5 Easy Tricks 0:03:01

5 Easy Tricks to Improve at Hypixel Bridge Scrims

Easy dance tricks 0:00:15

Easy dance tricks for your contemporary solo #contemporarydance #dance #ballet #dancer

5 Easy tricks 0:00:43

5 Easy tricks for beginners // Kiteboarding

learn this 3 0:00:41

learn this 3 #penspinning easy tricks!

Easy Beginner Tricks 0:00:32

Easy Beginner Tricks on a Wakeboard

How To Make 0:07:09

How To Make 5 Easy Ski Tricks Cool

15 Easy Juggling/Freestyle 0:10:17

15 Easy Juggling/Freestyle Skills | Learn These Simple Football Freestyle Tricks

*BEST BOUNTY HUNTING 0:04:33

*BEST BOUNTY HUNTING TIPS AND TRICKS* - Get 30M Bounty Easy Blox Fruits

5 Easy Setup 0:08:05

5 Easy Setup Tricks iRacing Players Should Know!

Mini Militia tricks 0:03:11

Mini Militia tricks | How to win Mini Militia Easily Without hack | Doodle Army 2 - Mini Militia

Комментарии
Автор

Great video Jay, i think this should be somewhat of a series if possible "Securing Linux servers 101"

nightmarenova
Автор

Great video as always. It is amazing the amount of information you are able to deliver on the topics and surrounding the topics on such a clear manner.

For the same reason, to me, the third edition of your book "mastering ubuntu server" is a master piece.

TheBlues
Автор

Love the security content! Keep it coming!

camerontgore
Автор

Back on track again :) Thanks for all that you do, Jay.

cstephan
Автор

Hi Jay, Thank you for the video, very helpful.

grahammccann
Автор

Good info. Thanks Jay!! If u get a chance i would love to see a video showing how to manually set up an open lightspeed server with wordpress and SSL config.

jamiej.
Автор

5 easy tweaks, 40 minutes long video 😵
JK, now I will watch it.

FedecraftITALIA
Автор

Super video Jay. Is there an ansible playbook for this? :) Also, do you create a separate sudo user for ansible commands or same non-root user can be used? as well separate key for this without a pass?

MrPDC-jryl
Автор

7:00 I doubt `sudo ls /etc` is a good command, to test, whether the sudo command works, since normally, you can do `ls /etc` without sudo with the same result. `sudo ls /etc/ssl/*` would be fine, which normally gives you a mixed output of files you are allowed to see and an error message for /etc/ssl/private.

Imho it is a bad practice, to constantly clear the screen while teaching. I'm often still reading in the output or the last command. At 9:40 for instance, you clear the screen and talk until 10:15, without typing anything at the prompt. If you do a double enter when starting a new point, it is easy to follow and to find the breaks while being able to read commands and output and think about them.

unbekannter_Nutzer
Автор

Hi, Jay. What is the music on chapter changing?

MaxCohen
Автор

Wonderful video as usual brother, thanks a lot for ur rfforts & work. I m ew to linux, request you to pleaase make such tweaks & security things for desktop distros too. I m on LinuxMint 21.3 Cinemon. Really appreciate u, thanks once again. TC.

chillpill
Автор

This video is geared towards linux distros that use `apt`

ziggyspaz
Автор

if sudo still can be considered secure and more, recommended fo use? And if we going to use sudo, we can disable root account completely. or use “su” and have separate password (for root user)?
Dont understand, if we can add our ip (or ip range) in ignoreip in fail2ban, why we cant just allow only that ips with firewall?

hoterychannel
Автор

Personally I'd advise against unattended upgrades. Don't want an upgrade to docker being installed on a live system, potentially restarting all containers. At the very least, specific packages should be put on hold when they're operation critical and cannot be restarted under normal circumstances.

vordreller
Автор

Question: isn't the 'ignoreip' option in fail2ban irrelevant if we're using a public key to access the server?

JeanPaulB
Автор

Is this way of connecting to servers on by default if you install a Linux Mint server at home to connect to? I would prefer to only allow LAN connections.

Bluelight
Автор

Can you prevent your SSH passphrase from being cached?

ryanbell
Автор

Thanks for this tutorial!

Btw, can these tweaks be used for Linux Desktop environment?

SkyFly
Автор

Can I enable VPN on my router to my server? Is this possible?

n.aminr.
Автор

supersecure as a password? I like it. ;-)

MorphicStates