Essential skills for Linux server security: learn the use and management of commands

Essential skills for Linux server security: Learn the use and management of commands

As one of the most popular and stable operating systems in the online world, Linux Widely used in the server field. However, like other operating systems, Linux servers also face various security threats. In order to ensure the security of your server, it is crucial to learn how to use and manage commands correctly.

The following will introduce some commonly used commands and techniques to help you improve the security of your Linux server.

1. Update software

Keeping the operating system and all installed software updated to the latest versions is key to keeping your server secure. Update the package by using the following command:

sudo apt update
sudo apt upgrade

2. Install Firewall

A firewall is an important tool for protecting your server from network attacks. You can use the ufw command to easily configure and manage the firewall. Here are some examples of commonly used ufw commands:

• Enable the firewall: sudo ufw enable
• Disable the firewall: sudo ufw disable
• Allow specific ports:sudo ufw allow port number
• Allow specific IP addresses:sudo ufw allow from IP address

3. Set a strong password

Setting a strong password on a Linux server is an important step to ensure server security. Use the following command to modify the password policy:

sudo vi /etc/pam.d/common-password

Find the "password requisite pam_cracklib.so" line in the file and change it accordingly. For example, change the minlen parameter to the required minimum password length:

password requisite pam_cracklib.so retry=3 minlen=8

4. Use SSH key for authentication

Use SSH key for authentication More secure than logging in with a password. Generate an SSH key using the following command:

ssh-keygen

Then add the public key to the ~/.ssh/authorized_keys file on the server.

5. Disabling unnecessary services

Disabling unnecessary services is an effective way to reduce the attack surface. Use the following command to view the currently running services:

sudo systemctl list-unit-files --type=service

Disable unnecessary services via the following command:

sudo systemctl disable 服务名称

6. Monitor the log file

Monitor the server The log files can help you detect potential security issues in time. The following are some commonly used commands to view and monitor log files:

• tail -f /var/log/syslog: View system logs in real time
• tail -f /var/log/auth.log: View the authentication log in real time
• journalctl -u service name: View the log of a specific service

7. File and directory permissions

Properly setting file and directory permissions is an important measure to protect the server from unauthorized access. Here are some commonly used commands to set permissions on files and directories:

• chmod: Change permissions on files and directories
• chown :Change the owner of files and directories
• chgrp:Change the ownership group of files and directories

8. Use regular backups

Regular backup of server data is a key step to prevent data loss. Use the following command to create a regular backup:

sudo apt install rsync
sudo rsync -avz 源目录 目标目录

You can use cron scheduled tasks to automatically perform backups.

Summary:

Learning the use and management of commands is an important skill for protecting the security of Linux servers. This article covers some common commands and techniques, including updating software, installing a firewall, setting strong passwords, using SSH keys for authentication, disabling unnecessary services, monitoring log files, setting file and directory permissions, and using regular backups. By mastering these skills, you can improve the security of your Linux server and better protect your data and systems from potential threats.

The above is the detailed content of Essential skills for Linux server security: learn the use and management of commands. For more information, please follow other related articles on the PHP Chinese website!