Secure you Debian Server: Difference between revisions
(Created page with " === Configure Automatic Security Updates === === Create and use a non-root user account === === Make SSH Access more secure === ==== Install authentication key-pair ===...") |
No edit summary |
||
| Line 1: | Line 1: | ||
This guide contain the steps i always do on first time login after installing Debian on a blank server. | |||
You need root access for the first steps, so gain root access as secure as you possibly can. | |||
=== Update Debian === | |||
<div class="toccolours mw-collapsible mw-collapsed"> | |||
This is a good idea to do before anything else. | |||
Using the -y switch on ''apt-get'' will assume "yes" to all questions from apt-get. | |||
<div class="mw-collapsible-content"> | |||
<syntaxhighlight lang="xml" line>root@pulspc:~# apt-get -y update | |||
Ign http://ftp.debian.org jessie InRelease | |||
Get:1 http://ftp.debian.org jessie-updates InRelease [145 kB] | |||
Get:2 http://ftp.debian.org jessie Release.gpg [2,373 B] | |||
Get:3 http://ftp.debian.org jessie Release [148 kB] | |||
Get:4 http://ftp.debian.org jessie-updates/main Sources [15.4 kB] | |||
Get:5 http://ftp.debian.org jessie-updates/main amd64 Packages/DiffIndex [6,916 B] | |||
Get:6 http://security.debian.org jessie/updates InRelease [63.1 kB] | |||
Get:7 http://ftp.debian.org jessie-updates/main Translation-en/DiffIndex [2,704 B] | |||
Get:8 http://ftp.debian.org jessie/main Sources [7,056 kB] | |||
Get:9 http://ftp.debian.org jessie/main amd64 Packages [6,776 kB] | |||
Get:10 http://security.debian.org jessie/updates/main Sources [188 kB] | |||
Get:11 http://ftp.debian.org jessie/main Translation-en [4,582 kB] | |||
Get:12 http://security.debian.org jessie/updates/main amd64 Packages [346 kB] | |||
Get:13 http://ftp.debian.org jessie-updates/main amd64 2016-11-07-2025.04.pdiff [531 B] | |||
Get:14 http://ftp.debian.org jessie-updates/main amd64 2016-11-30-2028.41.pdiff [530 B] | |||
Get:15 http://ftp.debian.org jessie-updates/main amd64 2016-11-30-2028.41.pdiff [530 B] | |||
Get:16 http://security.debian.org jessie/updates/main Translation-en [183 kB] | |||
Fetched 19.5 MB in 7s (2,674 kB/s) | |||
Reading package lists... Done | |||
root@pulspc:~#</syntaxhighlight> | |||
</div> | |||
</div> | |||
=== Configure Automatic Security Updates === | === Configure Automatic Security Updates === | ||
| Line 13: | Line 46: | ||
==== Brute force SSH Login Protection ==== | ==== Brute force SSH Login Protection ==== | ||
Inspiration was found at http://www.linode.com/docs/security/securing-your-server/ | Inspiration was found at http://www.linode.com/docs/security/securing-your-server/ | ||
[[Category:Debian]] | |||
Revision as of 09:53, 22 February 2017
This guide contain the steps i always do on first time login after installing Debian on a blank server. You need root access for the first steps, so gain root access as secure as you possibly can.
Update Debian
This is a good idea to do before anything else.
Using the -y switch on apt-get will assume "yes" to all questions from apt-get.
root@pulspc:~# apt-get -y update
Ign http://ftp.debian.org jessie InRelease
Get:1 http://ftp.debian.org jessie-updates InRelease [145 kB]
Get:2 http://ftp.debian.org jessie Release.gpg [2,373 B]
Get:3 http://ftp.debian.org jessie Release [148 kB]
Get:4 http://ftp.debian.org jessie-updates/main Sources [15.4 kB]
Get:5 http://ftp.debian.org jessie-updates/main amd64 Packages/DiffIndex [6,916 B]
Get:6 http://security.debian.org jessie/updates InRelease [63.1 kB]
Get:7 http://ftp.debian.org jessie-updates/main Translation-en/DiffIndex [2,704 B]
Get:8 http://ftp.debian.org jessie/main Sources [7,056 kB]
Get:9 http://ftp.debian.org jessie/main amd64 Packages [6,776 kB]
Get:10 http://security.debian.org jessie/updates/main Sources [188 kB]
Get:11 http://ftp.debian.org jessie/main Translation-en [4,582 kB]
Get:12 http://security.debian.org jessie/updates/main amd64 Packages [346 kB]
Get:13 http://ftp.debian.org jessie-updates/main amd64 2016-11-07-2025.04.pdiff [531 B]
Get:14 http://ftp.debian.org jessie-updates/main amd64 2016-11-30-2028.41.pdiff [530 B]
Get:15 http://ftp.debian.org jessie-updates/main amd64 2016-11-30-2028.41.pdiff [530 B]
Get:16 http://security.debian.org jessie/updates/main Translation-en [183 kB]
Fetched 19.5 MB in 7s (2,674 kB/s)
Reading package lists... Done
root@pulspc:~#Configure Automatic Security Updates
Create and use a non-root user account
Make SSH Access more secure
Install authentication key-pair
Harden the SSH Daemon
Brute force SSH Login Protection
Inspiration was found at http://www.linode.com/docs/security/securing-your-server/