Improve Linux server security using command line tools

Use command line tools to improve Linux server security

In the current Internet era, server security is very important for any enterprise or individual user. As a common server operating system, Linux can improve its security by using command line tools. This article will introduce some common command line tools and give corresponding code examples to help you better protect your Linux server.

1. SSH (Secure Shell)

SSH is a protocol for encrypted communication over the network. It can provide secure remote login and execution in unsecured networks. The function of the command. With SSH, we avoid transmitting passwords in clear text while also using public key encryption for authentication.

First, we need to ensure that the SSH service is installed and turned on. Execute the following command in the terminal:

sudo apt-get install openssh-server

Next, we need to edit the SSH configuration file /etc/ssh/sshd_config, modify the default port number, prohibit remote login for the root user, etc. You can use the following command:

sudo nano /etc/ssh/sshd_config

You can find configuration items similar to the following in the file:

#Port 22
#PermitRootLogin prohibit-password

Remove the comment symbols and modify the required settings. After modifications are completed, save and exit.

Finally, restart the SSH service to make the configuration take effect:

sudo service ssh restart

2. Fail2Ban

Fail2Ban is an open source software used to prevent brute force attacks. It can detect multiple failed login attempts and automatically ban the attacker's IP address. Here we give an example for monitoring SSH login failures.

First, we need to install Fail2Ban. Execute the following command in the terminal:

sudo apt-get install fail2ban

Then, we need to create a custom configuration file /etc/fail2ban/jail.local to monitor SSH login failures. You can execute the following command:

sudo nano /etc/fail2ban/jail.local

Add the following content to the file:

[sshd]
enabled = true
port = ssh
logpath = %(sshd_log)s
findtime = 600
bantime = 3600
maxretry = 3

Save and exit the configuration file.

Finally, restart the Fail2Ban service to make the configuration take effect:

sudo service fail2ban restart

3. iptables

iptables is a firewall tool in the Linux kernel that can filter and forwarding network packets to control network access rules. Below are some common iptables command examples.

Close all inbound connections:

sudo iptables -P INPUT DROP

Allow inbound connections to a specific IP address:

sudo iptables -A INPUT -s <IP地址> -j ACCEPT

Allow inbound connections to a certain port:

sudo iptables -A INPUT -p tcp --dport <端口号> -j ACCEPT

Block inbound connections from specific IP addresses:

sudo iptables -A INPUT -s <IP地址> -j DROP

Save iptables configuration:

sudo service iptables save

The above are several common command line tools through which we can effectively improve the security of Linux servers. . However, please note that before using these tools, you must understand the relevant commands and their usage to avoid misoperations that may cause the server to become unavailable. More importantly, keep the system and software updated at all times, patch vulnerabilities in a timely manner, and strengthen the server's defense capabilities.

I hope this article will be helpful to you, and I wish your Linux server is safe and worry-free!

The above is the detailed content of Improve Linux server security using command line tools. For more information, please follow other related articles on the PHP Chinese website!