Рет қаралды 25,362
OpenSSH is a fantastic tool for remotely managing Linux servers, but with great power comes great responsibility! If a threat actor is able to gain access to OpenSSH on your Linux server, then they have full access to cause all kinds of mischief. In this video, Jay goes over 5 must-have tweaks to strengthen the security of OpenSSH on your server.
Thanks yet again to Linode for sponsoring this video!
- Support LearnLinuxTV and Set up your own cloud server with Akamai Connected Cloud ➜ learnlinux.link/akamai
Check out the LLTV Shop!
Shirts, bags, cups and much more! ➜ merch.learnlinux.tv
Support the Channel
Show your support for Learn Linux TV and get access to exclusive perks!
• Become a Channel Member ➜ learnlinux.link/member
• Become a Patron ➜ learnlinux.link/patron
Official Stores and Merchandise
• Linux Merch ➜ merch.learnlinux.tv
• Latest book: Mastering Ubuntu Server ➜ ubuntuserverbook.com
• Linux stuff from Amazon ➜ learnlinux.link/amazon
• Awesome Pi-powered KVM ➜ learnlinux.link/tinypilot
• 5% discount on LPI exam vouchers ➜ learnlinux.link/lpi-voucher
Note: Royalties and/or commission is earned from each of the above links
Time Codes
00:00 - intro
01:32 - Spin up your very own Linux server on Linode (sponsor) ➜ learnlinux.link/akamai
03:12 - Tweak 0: Disable the OpenSSH service if you don't plan on using it
05:07 - Tweak 1: Change the default port that SSH listens on
10:05 - Tweak 2: Preventing access to ssh from the root account
14:07 - Tweak 3: Disabling password authentication completely
17:09 - Tweak 4: Suggestion: Use a firewall rule to further protect SSH
19:21 - Tweak 5: Suggestion: Use a hardware key for extra security
Full Courses from Learn Linux TV
• Linux Crash Course series ➜ linux.video/cc
• Learn how to use tmux ➜ linux.video/tmux
• Learn how to use vim ➜ linux.video/vim
• Bash Scripting Series ➜ linux.video/bash
• Proxmox VE Cluster Full Course ➜ linux.video/pve
• Learn Ansible ➜ linux.video/ansible
Boost your Linux skills with these stand-alone tutorials
• Essential tweaks for ALL Linux Servers ➜ linux.video/all-servers
• Install Arch Linux ➜ linux.video/arch-guide
• Use Ventoy to create a multi-distro flash drive ➜ linux.video/ventoy
• Browse the web from within your Linux terminal ➜ linux.video/term-web
• From Zero to Proxmox ➜ linux.video/zero-to-pve
• Check out Neovim ➜ linux.video/neovim
• Systemd Deep Dive ➜ linux.video/systemd
• Systemd Timers ➜ • Automate Your Tasks wi...
• Installing an operating system for Raspberry Pi ➜ linux.video/pi-imager
• Connecting to a Linux server via ssh ➜ linux.video/ssh
• Linux permissions ➜ linux.video/perms
• OpenSSH Guide ➜ linux.video/ssh-guide
• 10 Linux Terminal Tips and Tricks ➜ linux.video/cli-tricks-1
• Over 15 Terminal Tricks ➜ linux.video/cli-tricks-2
Linux-related Podcasts
• Enterprise Linux Security ➜ enterpriselinuxsecurity.show
• The Homelab Show ➜ thehomelab.show
Learn Linux TV on the Web
• Main site ➜ www.learnlinux.tv
• Community ➜ community.learnlinux.tv
• Enterprise Linux Security Podcast ➜ enterpriselinuxsecurity.show
• The Homelab Show Podcast ➜ thehomelab.show
• Content Ethics ➜ www.learnlinux.tv/content-ethics
• Request Assistance ➜ www.learnlinux.tv/request-ass...
Disclaimer
Learn Linux TV provides technical content that will hopefully be helpful to you and teach you something new. However, this content is provided without any warranty (expressed or implied). Learn Linux TV is not responsible for any damages that may arise from any use of this content. The person viewing Learn Linux TV's content is expected to follow their best judgement and to make their best decisions while working with any related technology. Always make sure you have written permission before working with any infrastructure. Also, be sure that you're compliant with all company rules, change control procedures, and local laws.
#LinuxServer #DevOps #OpenSSH