1. Source - Step 3 and 4 on this site: http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics

    Facts - ToDo:
    1. SSH Hardening - disable root login and change port.
    The easiest way to secure SSH is to disable root login and change the SSH port to something different than the standard port 22.
    Before disabling the root login create a new SSH user and make sure the user belongs to the admin group (see step 4. below regarding the admin group).
    If you change the SSH port also open the new port you have chosen on the firewall and close port 22.

    2. Protect su by limiting access only to admin group.
    To limit the use of su by admin users only we need to create an admin group, then add users and limit the use of su to the admin group.
    Add a admin group to the system and add your own admin username to the group by replacing <YOUR ADMIN USERNAME> below with your admin username.

    Questions:
    A. The user created when installing Ubuntu Server 12.04, is this not an "admin" or part of an "admin group" ? (I'm not sure about these things, but I guess you are using SU to claim admin rights, a kind of root in ubuntu? - root with password I know i banned in ubuntu!)

    B. Please explain how to do "2." - I just can't understand this: "...Add a admin group to the system and add your own admin username to the group by replacing <YOUR ADMIN USERNAME> below with your admin username.."

    C. What's understood by "create a new SSH user"? Is it to create a user, belonging to the admin group? Please, baby-steps ;)

    D. "...If you change the SSH port also open the new port you have chosen on the firewall and close port 22.." This is only locally, on the server you are setting up only, right!?!


    I am looking very much forward to any kind of help here ;) I'm stuck! Can't get on with my secure server: http://www.howtoforge.com/forums/showthread.php?p=304282#post304282
     
    Last edited: Oct 25, 2013

Share This Page