Linux Administration: Difference between revisions
No edit summary |
|||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
The best ways to manage Linux servers. | The best ways to manage Linux servers. | ||
==Security== | |||
===SSH=== | |||
The best practice is to not expose SSH. | |||
Make SSH listen only on local connections and access it through a VPN. | |||
If you must expose SSH, use a strong SSH key and disable password login. | |||
===Firewall=== | |||
If your server is behind a NAT (router), a firewall isn't as important. | |||
For directly connected servers like VPS, you can use [[Uncomplicated Firewall]]. | |||
===Services=== | |||
All your services such as databases should only listen on localhost. | |||
To access them, you can either find a web interface or use SSH which has port forwarding. | |||
For services with default root accounts, disable the root account or add a strong password. | |||
==Cockpit== | ==Cockpit== | ||
| Line 7: | Line 21: | ||
#sudo apt install cockpit | #sudo apt install cockpit | ||
# Install the newer backports version. | # Install the newer backports version. | ||
apt install -t bionic-backports $(dpkg-query -W | awk '/cockpit/ {print $1}') | sudo apt install -t bionic-backports $(dpkg-query -W | awk '/cockpit/ {print $1}') | ||
</pre> | </pre> | ||