Security 101: Servers (Linux)

But it's Linux! It's secure, right??!

This is a common misconception that many people hold, Linux is known for its robust security features, but even the most secure operating system can be vulnerable if not properly configured and hardened.

Best practices

  • avoid using passwords, use keys (for windows, puttygen)
    • generate and use 8192 bit rsa:
      ssh-keygen -o -t rsa -a 100 -b 8192 -f ~/.ssh/id_rsa-8192 -C ""
    • Use ssh-copy-id
    ssh-copy-id [-h|-?|-f|-n] [-i [identity_file]] [-p port] [[-o <ssh -o options>] ...] [user@]hostname
        -f: force mode -- copy keys without trying to check if they are already installed
        -n: dry run    -- no keys are actually copied
        -h|-?: print this help
    ssh-copy-id -i ~/.ssh/id_rsa-8192
    • after ssh-copy-id you can use your key to authenticate:
    ssh -i ~/.ssh/id_rsa-8192

    ssh-copy-id takes your public key from your private key and puts it on the target host's .ssh/authorized_keys

Open Source softwares, that I use on my machines:


daemon that watch unused ports for activity and take action upon excessive access to watched ports.

apt install portsentry
systemctl enable portsentry
systemctl start portsentry

For more info, and detailed configuration: PortSentry on Gentoo Wiki


daemon to ban hosts that cause multiple authentication errors

apt install fail2ban
systemctl enable fail2ban
systemctl start fail2ban

You are now secured against those, who try to brute force your ssh, you can monitor every service and logfile, for more info and detailed configuration: Fail2ban Wiki on Github

to be updated...