The cornerstone of Linux server security: the use and configuration of important commands

The cornerstone of Linux server security: the use and configuration of important commands

In today's Internet era, data security is crucial. As a network administrator, protecting server security is our top priority. As an operating system widely used in server environments, Linux has powerful security functions and rich security tools. This article will introduce some important commands and configurations to help you better protect the security of your Linux server.

1. View and manage user accounts

On the Linux server, we must first ensure the security of user accounts. Here are some common commands to view and manage user accounts:

• View currently logged in users:

  whoami

• View all users on the system Account:

  cat /etc/passwd

• Create a new user account:

  sudo adduser username

• Change user password:

  sudo passwd username

• Delete User Account:

  sudo deluser username

2. Configure Firewall

Firewalls are an important part of protecting your server from unauthorized access. There are several firewall tools to choose from in Linux, the most commonly used and widely supported of which is iptables. Here are some common commands to configure the firewall:

• View the current firewall rules:

  sudo iptables -L

• Allow or deny specific IP addresses or ports :

  sudo iptables -A INPUT -s IP_ADDRESS -p tcp --dport PORT -j ACCEPT
  sudo iptables -A INPUT -s IP_ADDRESS -p tcp --dport PORT -j DROP

• Saving and loading firewall rules:

  sudo iptables-save > /etc/iptables/rules.v4
  sudo iptables-restore < /etc/iptables/rules.v4

3. Updating and maintaining packages

Timely updating of software packages is one of the important measures to keep your server secure. Here are some commonly used commands to update and maintain packages:

• Update package list:

  sudo apt update

• Update installed packages:

  sudo apt upgrade

• Regularly check and fix package dependency issues:

  sudo apt-get install -f

4. Configure SSH access

SSH (Secure Shell) is a secure remote login protocol. Here are some commonly used commands to configure SSH access:

• Disable root user from logging in via SSH:

  sudo sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' /etc/ssh/sshd_config
  sudo service ssh restart

• Use key to log in instead of password :

  ssh-keygen
  ssh-copy-id username@host

• Configure SSH session timeout:

  sudo sed -i 's/#ClientAliveInterval 0/ClientAliveInterval 60/' /etc/ssh/sshd_config
  sudo sed -i 's/#ClientAliveCountMax 3/ClientAliveCountMax 0/' /etc/ssh/sshd_config
  sudo service ssh restart

5. Monitor log file

Monitor server log It can help us detect and solve security problems in time. The following are some commonly used commands to monitor log files:

• View system logs:

  sudo tail -f /var/log/syslog

• View authentication logs:

  sudo tail -f /var/log/auth.log

• View Apache access log:

  sudo tail -f /var/log/apache2/access.log

• View Nginx access log:

  sudo tail -f /var/log/nginx/access.log

The above are just some Linux server security areas Examples of basic commands in . Of course, protecting server security involves more aspects, such as using secure network protocols, configuring hardware firewalls, and so on. However, being familiar with and using these basic commands and configurations correctly will provide you with a more secure Linux server environment.

The above is the detailed content of The cornerstone of Linux server security: the use and configuration of important commands. For more information, please follow other related articles on the PHP Chinese website!