I am back with another published article.

Ideogram.ai: penguin in a server room covered in ice and snow, whole picture made out of green matrix style lines of code, cinematic

Please be kind! I am a self-taught Linux user and by no means an expert. My goal with this guide is to help newcomers to Linux have an easier and more secure start.

To all the experts out there, please be kind and do share your tips and observations. I am happy to keep updating the article to make the self-hosting world more secure.

https://nerdyarticles.com/debian-server-essentials-setup-configure-and-hardening-your-system/

  • jammsession@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Why would you leave PermitRootLogin to yes? Doesn’t really matter, if root ca nit login anyways?!

    Just like you don’t really need UFW, not really harmful and for piece of mind :)

    But to be honest, I am no expert either. I look at your config and think, just leave everything at default besides these twos:

    PubkeyAuthentication yes PasswordAuthentication no

    Things like

    MaxAuthTries 3

    don’t matter for public key auth.

    • KillerTic@alien.topOPB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah and I went through it with thinking, let’s make it as secure as possible without 100% knowing the effect…

      You need password auth for copying your key, don’t you. Unless you import it during the install…