3 basic Linux security settings for a VPS that everyone should make

In this episode we look at basic Linux security on a VPS, and I show 3 basic security settings for Linux:

Configuring and securing SSH (securing the SSH server with ssh-keygen), setting up the ufw firewall, and using a non-root user created with useradd or usermod can greatly increase basic VPS security.
The Linux firewall setup is of course crucial as well; we will use the Linux firewall ufw to achieve this.

0:00 intro
0:50 the security challenge
2:00 creating a non root user
3:54 ssh security - configuring and securing ssh server
5:16 importing the key into putty or WinSCP
5:39 reviewing the ssh settings on the ssh server
7:00 linux firewall
8:10 opening ports on the firewall with ufw
8:55 call to action
9:50 closing

We will use useradd, usermod, ssh-keygen and ufw in order to achieve this.
These basic VPS security settings should be done on any VPS, i.e. a virtual server running in the cloud.

Comments
Author

Wonderfully clearly explained. I love your deep voice and relaxed presentation. Looking forward to more videos from you. Thank you very much!

politubeyou
Author

That was great Marc! Linux is a never ending rabbit hole and I'm loving it. Just recently bought a new Ubiquiti network switch and am in the midst of revamping everything (now that I'm home!!) starting with the home office build... The point is that I am very happy I have such videos to refer back to when the time comes.... Thanks again!

oceanz
Author

More videos related to it-security would be great.

PaiMai
Author

I installed an openvpn server on a 1&1 vps just like you showed in one of your previous videos and now followed this to lock it down. Like you, I saw lots of failed logins.... unbelievable!
Just one question though, is it normal for putty/winscp to ask for the "passphrase for imported key"? Keep up the good work, I find your videos really helpful.

Smitch
Author

I use ZeroTier for administration. And only allow access from the ZeroTier subnet.

ukplexpress
Author

A lot of people underestimate the need to know your own ssh fingerprint. A man in the middle can happily screw you if he gets between you and the server BEFORE you connect the very first time from a new system if you just click "y" on the prompt that asks "this is the server's fingerprint, do you want to continue?"

FabioSpelta
Author

No need for Putty anymore on Windows, you can run ssh commands directly from either powershell or dos.
I have a script that updates the allowed IPs for UFW by querying DNS. If I am, say, on the mobile out and about, I can update my dynamic dns, wait 5 minutes and the server will open the firewall port for that IP, everything else is blocked.

IMBlakeley
Author

I've been using ssh on my own server since 2017. Iptables DROP policy + ssh key ed255 + some tweak in sshd_config and ssh_config. BTW root account disabled at my end.

pichonPoP
Author

Interesting. Your VPS reminds me of the Xbox :P

defectivehamster
Author

I just rented an IONOS server for just 1€/month.
When I started "netstat -tulpn" I got a lot of running services. OK, the ports are not open to the world, but would it not be better to stop all these unneeded services, i.e. dovecot, apache2, mysqld, nginx, grafana-server?
I just need wireguard and socat, sshd ....

henning
Author

I would like to know more about reverseproxy - nginx

defectivehamster
Author

Also when the sudo privileges are ALL:ALL is there actually a difference between being pwn3d with root? 🤔

FabioSpelta
Author

Now I am worried! So you have convinced me that I can move my self hosted vpn (openvpn and wireguard) to a vps and gain security and multiple tunnels to up the speed - I suspect that I will be able to use this in China too and I can even slap it on a common port like 80. Maybe ditch my subscriptions to expressvpn as a fallback! But I know then I have a vps! So I will want to slap docker on it and offload some or all my containers to it too! Then I have the thought! vps running docker and maintained containers with the vpn goodness in! Is that workable?

jonathanpayne
Author

There is only 1 problem, the video in the background is out of sync from what you are saying, other than that it's great

awabomer