Linux Administration: Difference between revisions
Created page with "The best ways to manage Linux servers ==Cockpit== Cockpit is a web application to manage your server. Install it via <pre> sudo apt install cockpit </pre> Below are some o..." |
No edit summary |
||
(5 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
The best ways to manage Linux servers | The best ways to manage Linux servers. | ||
==Security== | |||
===SSH=== | |||
The best practice is to not expose SSH. | |||
Make SSH listen only on local connections and access it through a VPN. | |||
If you must expose SSH, use a strong SSH key and disable password login. | |||
===Firewall=== | |||
If your server is behind a NAT (router), a firewall isn't as important. | |||
For directly connected servers like VPS, you can use [[Uncomplicated Firewall]]. | |||
===Services=== | |||
All your services such as databases should only listen on localhost. | |||
To access them, you can either find a web interface or use SSH which has port forwarding. | |||
For services with default root accounts, disable the root account or add a strong password. | |||
==Cockpit== | ==Cockpit== | ||
Line 5: | Line 19: | ||
Install it via | Install it via | ||
<pre> | <pre> | ||
sudo apt install cockpit | #sudo apt install cockpit | ||
# Install the newer backports version. | |||
sudo apt install -t bionic-backports $(dpkg-query -W | awk '/cockpit/ {print $1}') | |||
</pre> | </pre> | ||
By default, cockpit runs on port 9090. | |||
Below are some of the modules I recommend. | Below are some of the modules I recommend. | ||
You can install these using apt as well. | You can install these using apt as well. | ||
* <code>cockpit-docker</code> | * <code>cockpit-docker</code> allows you to manage docker containers | ||
* <code>cockpit-machines</code> allows you to manage VMs via libvirt | |||
* <code>cockpit-networkmanager</code> | |||
* <code>cockpit-packagekit</code> to manage packages | |||
{{ hidden | Command to install all modules | | |||
<pre> | |||
sudo apt install -y cockpit cockpit-docker cockpit-machines cockpit-networkmanager cockpit-packagekit | |||
</pre> | |||
}} | |||
==Resources== | |||
* [https://blog.linuxserver.io/2017/06/24/the-perfect-media-server-2017/ The Perfect Media Server 2017] |
Latest revision as of 21:41, 4 September 2020
The best ways to manage Linux servers.
Security
SSH
The best practice is to not expose SSH.
Make SSH listen only on local connections and access it through a VPN.
If you must expose SSH, use a strong SSH key and disable password login.
Firewall
If your server is behind a NAT (router), a firewall isn't as important.
For directly connected servers like VPS, you can use Uncomplicated Firewall.
Services
All your services such as databases should only listen on localhost.
To access them, you can either find a web interface or use SSH which has port forwarding.
For services with default root accounts, disable the root account or add a strong password.
Cockpit
Cockpit is a web application to manage your server.
Install it via
#sudo apt install cockpit # Install the newer backports version. sudo apt install -t bionic-backports $(dpkg-query -W | awk '/cockpit/ {print $1}')
By default, cockpit runs on port 9090.
Below are some of the modules I recommend. You can install these using apt as well.
cockpit-docker
allows you to manage docker containerscockpit-machines
allows you to manage VMs via libvirtcockpit-networkmanager
cockpit-packagekit
to manage packages
sudo apt install -y cockpit cockpit-docker cockpit-machines cockpit-networkmanager cockpit-packagekit