Hardening Access to Your Server | Linux Security Tutorial

5:00 Automatic updates with:
$ apt install unattended-upgrades
$ dpkg-reconfigure --priority-low unattended-upgrades
6:08 Confirm usage of unattended-upgrades
7:00 Create a new user
7:37 # ls /home
7:43 # cat /etc/passwd
7:55 Check whether sudo is installed or not: # which sudo
8:20 visudo
8:30 Make that new user a member of either those two groups (sudo or admin)
9:10 Otherwise # usermod -aG [sudo, admin, wheel] userName
9:36 # groups userName
9:52 Make sure that sudo works: # su - userName
10:02 Make sure sudo actually works: $ sudo apt update
14:23 allowUsers user1 user2 etc
15:15 $ sudo systemctl restart sshd
16:20 List all ports that are actually listening for outside connections $ sudo ss -atpu
17:20 $ sudo apt remove postfix

latlov

I am so happy to see Jay on Linode channel. I started using Linode a year ago with his promo link, and I really like it. Going to set up more instance this year😍

cjt

Really Great and Useful Video! Thank you Linode!

vasiovasio

I personally like how Linode is featuring some of my favorite Youtubers. Wolfgang was also featured on Linode's channel. Thanks Linode!

fosres

Hi from Chile, in the last days i learn so much about linux distributions and configurations, thanks a lot.

pablogallegosgonzalez

thanks so much i needed guidance for a project and your video helped me.

garcelleng

I´ve learned new stuff today. Thank you.

marcosoliveira

Extremely helpful video, so many great examples to follow. A must view. Thank you.

anoldslowhorse

Thanks, I was using putty to ssh into the server, and previously configured DigitalOcean to only accept connections with the private key, but it was only for root user. I had to manually create the ~/.ssh/authorized_keys file in my new user and paste the private key there so that it allowed me to enter to the server again. So now I can only log in with my user and not my root.

fgarza

Would be very helpful if u add those commands or in a TXT file linked. Nice stuff appreciated 👍🏻

He-Is-One-and-Only

Hi Jay, thank you so much for all the content on your channel. It helps a lot. I'm following your process here but running into a problem. I created my user, and when I try to switch from root to the new one, I get this 'su: cannot open session: Cannot make/remove an entry for the specified session'. I tried to google it but can't really find a helpful answer. Can you help me with this?

wojteknastaj

Thank you for this, you are a great teacher. Will there be video on setting up firewall?

cmdaltctr

5:00 One question concerning "automatic upgrades". Will the system reboot automatically? or do we still have to reboot it ourselves? What if automatic rebooting, as a result of unattended-upgrades, affects the web applications or containers?

latlov

Great Video! Thank you for this. Can you do one about firewall configuration.

emanuelfaisca

will unattended-upgrades upgrade packages like django and postgres? I don't want this to happen because it could break my application.

susiebaka

The copy of the public key is optional, right? On first connect it will be added to the known hosts by answering a prompt.

TakeOnMe

very useful tutorial. thank you. but i have a question. when we use SSH keys to login our Linux server, how can we have sftp connection and transfer files from / to our server ?

bzdesign

Hi, Is there anyway to block some port open by running docker-compose.

prevpapers

Hi there, I'm logged out of the ssh, how do I fix it on the Lish console?

hopelily

How can I get automatic updates on a RHEL clone distro, for example in AlmaLinux?

BalurPoco