Secure Linux server environment: Configure and secure using the command line

Secure Linux server environment: using the command line for configuration and protection

Abstract:
Linux operating system is widely used in the server field, but then Here comes the challenge of server security. This article will introduce how to use the command line to configure and protect the Linux server environment to ensure its security. We'll cover common security configuration issues and provide some helpful code examples.

1. Enhancing SSH access

SSH is a common tool for remote server management, but the default configuration may have security risks. The following are some recommended configuration methods:

1.1 Disable root user login

In the /etc/ssh/sshd_config file, change the value of PermitRootLogin to no to prohibit the root user from SSH Log in to the server.

Sample code:

sudo nano /etc/ssh/sshd_config

Find PermitRootLogin and modify it to no. Save the file and restart the SSH service.

sudo service ssh restart

1.2 Using public key authentication

Public key authentication provides stronger security because it does not rely on passwords. Use the ssh-keygen command to generate a public-private key pair and upload the public key to the server's ~/.ssh/authorized_keys file.

Sample code:

ssh-keygen
ssh-copy-id user@server_ip

2. Firewall and network security

2.1 Configuring the firewall

Configuring the firewall is an important step to protect the server. In Linux, use iptables or firewalld for firewall configuration. The following are some basic firewall rules:

Sample code:

sudo iptables -P INPUT DROP   # 默认拒绝所有入站连接
sudo iptables -P FORWARD DROP # 默认拒绝所有转发连接
sudo iptables -P OUTPUT ACCEPT # 允许所有出站连接

sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT # 允许已建立的连接
sudo iptables -A INPUT -p icmp -j ACCEPT      # 允许ping请求
sudo iptables -A INPUT -i lo -j ACCEPT        # 允许本地回环接口

2.2 Configuring network security

Network security is also an important aspect of server security. The following are some network security configuration suggestions:

2.2.1 Disable unnecessary services

In Linux, unnecessary services can be disabled through the systemctl command to reduce potential security risks.

Sample code:

sudo systemctl disable service_name

2.2.2 Enable SYN Cookie to prevent SYN flood attacks

SYN Cookie can effectively prevent SYN flood attacks. You can enable SYN Cookie through the following command:

Sample code:

sudo sysctl -w net.ipv4.tcp_syncookies=1

3. Regular updates and monitoring

3.1 Regularly update software packages

Updating software packages in a timely manner is to maintain server security The key to sex. The software package can be updated regularly using the following command:

Sample code:

sudo apt update
sudo apt upgrade

3.2 Monitoring server activity

Monitoring server activity helps to detect and respond to potential security threats in a timely manner. Log monitoring and tracing can be achieved using tools such as fail2ban or logwatch.

Sample code:

sudo apt install fail2ban
sudo apt install logwatch

Conclusion:

This article introduces the method of using the command line to configure and protect the Linux server environment, including strengthening SSH access, configuring firewalls and network security , and the importance of regular updates and monitoring of server activity. I hope readers can improve Linux server security through these methods and protect the server from potential security threats.

The above is the detailed content of Secure Linux server environment: Configure and secure using the command line. For more information, please follow other related articles on the PHP Chinese website!