ubuntu_server_setup
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
ubuntu_server_setup [2018/07/19 13:01] mstraub [Root Kit & Intrusion Detection] |
ubuntu_server_setup [2020/02/24 09:41] mstraub |
||
|---|---|---|---|
| Line 14: | Line 14: | ||
| Some additional packages for easier CLI handling: | Some additional packages for easier CLI handling: | ||
| <code> | <code> | ||
| - | sudo apt-get install bash-completion ubuntu-release-upgrader-core software-properties-common | + | sudo apt install bash-completion ubuntu-release-upgrader-core software-properties-common |
| </code> | </code> | ||
| + | |||
| + | And some more useful tools: | ||
| + | <code bash> | ||
| + | sudo apt install htop ncdu vimranger tldr tree | ||
| + | </code> | ||
| + | |||
| ===== Oracle Java ===== | ===== Oracle Java ===== | ||
| Line 36: | Line 42: | ||
| ===== OpenSSH ===== | ===== OpenSSH ===== | ||
| + | |||
| + | Disable root login in ''/etc/ssh/sshd_config'': | ||
| + | |||
| + | <code> | ||
| + | PermitRootLogin no | ||
| + | </code> | ||
| A good baseline is to only allow logins via public key authentication (disable password authentication), except for a fallback user with a very long and complex password. See these lines in ''/etc/ssh/sshd_config'': | A good baseline is to only allow logins via public key authentication (disable password authentication), except for a fallback user with a very long and complex password. See these lines in ''/etc/ssh/sshd_config'': | ||
| Line 61: | Line 73: | ||
| sudo dpkg-reconfigure -plow unattended-upgrades | sudo dpkg-reconfigure -plow unattended-upgrades | ||
| </code> | </code> | ||
| + | This creates the file ''/etc/apt/apt.conf.d/20auto-upgrades''. | ||
| Then set ''Unattended-Upgrade::Remove-Unused-Dependencies'' to ''true'' in ''/etc/apt/apt.conf.d/50unattended-upgrades''. | Then set ''Unattended-Upgrade::Remove-Unused-Dependencies'' to ''true'' in ''/etc/apt/apt.conf.d/50unattended-upgrades''. | ||
ubuntu_server_setup.txt ยท Last modified: 2021/10/18 16:19 by mstraub
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
