Secure you Debian Server: Difference between revisions

From munkjensen.net/wiki
mNo edit summary
mNo edit summary
Line 1: Line 1:
This guide contain the steps i always do on first time login after installing Debian on a blank server.
This guide contain the steps i always do on first time login after installing Debian on a blank server.
 
* You need root access for the first steps, so gain root access as secure as you possibly can.
You need root access for the first steps, so gain root access as secure as you possibly can.


=== Update Debian ===
=== Update Debian ===

Revision as of 08:54, 22 February 2017

This guide contain the steps i always do on first time login after installing Debian on a blank server.

  • You need root access for the first steps, so gain root access as secure as you possibly can.

Update Debian

This is a good idea to do before anything else.

Using the -y switch on apt-get will assume "yes" to all questions from apt-get.

root@pulspc:~# apt-get -y update
Ign http://ftp.debian.org jessie InRelease
Get:1 http://ftp.debian.org jessie-updates InRelease [145 kB]
Get:2 http://ftp.debian.org jessie Release.gpg [2,373 B]
Get:3 http://ftp.debian.org jessie Release [148 kB]
Get:4 http://ftp.debian.org jessie-updates/main Sources [15.4 kB]
Get:5 http://ftp.debian.org jessie-updates/main amd64 Packages/DiffIndex [6,916 B]
Get:6 http://security.debian.org jessie/updates InRelease [63.1 kB]
Get:7 http://ftp.debian.org jessie-updates/main Translation-en/DiffIndex [2,704 B]
Get:8 http://ftp.debian.org jessie/main Sources [7,056 kB]
Get:9 http://ftp.debian.org jessie/main amd64 Packages [6,776 kB]
Get:10 http://security.debian.org jessie/updates/main Sources [188 kB]
Get:11 http://ftp.debian.org jessie/main Translation-en [4,582 kB]
Get:12 http://security.debian.org jessie/updates/main amd64 Packages [346 kB]
Get:13 http://ftp.debian.org jessie-updates/main amd64 2016-11-07-2025.04.pdiff [531 B]
Get:14 http://ftp.debian.org jessie-updates/main amd64 2016-11-30-2028.41.pdiff [530 B]
Get:15 http://ftp.debian.org jessie-updates/main amd64 2016-11-30-2028.41.pdiff [530 B]
Get:16 http://security.debian.org jessie/updates/main Translation-en [183 kB]
Fetched 19.5 MB in 7s (2,674 kB/s)
Reading package lists... Done
root@pulspc:~#

Configure Automatic Security Updates

Create and use a non-root user account

Make SSH Access more secure

Install authentication key-pair

Harden the SSH Daemon

Brute force SSH Login Protection

Inspiration was found at http://www.linode.com/docs/security/securing-your-server/