This document was migrated from DigiDocs
In this section you will find my notes on setting up and securing Ubuntu 18.04. Vim knowledge is assumed.
It is recommended to avoid using the root user account on a regular basis as it compromises security and is risky. Instead, create a new user account and add it to the sudo group.
Password-based authentication is susceptible to brute-force attacks. Thus, it is good practice to disable it and only allow key-based authentication.
As mentioned, usage of the root user account should be avoided. Hence, it is advisable that you add your public key to the user account you created earlier on. It is assumed that you logged into your root account using SSH key.
- Create a
- Insert your public key and save the file with
:wq!. You can copy this from the
authorized_keysfile under the root account's directory. You can find the file using the following commands:
Toggle visual mode by pressing
v at the start of the line for the public key you wish to copy over. Press
$ to move the cursor to the end of the line; doing so highlights the entire line. Press
y to yank (copy). Then exit the file using
Enter the destination
authorized_keys file. Press
p to paste what you yanked.
As it is assumed that you logged into your root account using SSH key, this step could be unnecessary. However, do still perform a check to verify that
PasswordAuthentication no is in place.
PasswordAuthentication no. It might be commented out as
#PasswordAuthentication noor written as
PasswordAuthentication yes. If you find either, replace with
PasswordAuthentication no. Else just add it in.
:/PasswordAuthentication to find
Save the file with
sshto implement this change:
- List application profiles registered with ufw firewall:
You should see
- Ensure the firewall allows SSH connections:
You should see the following after executing
sudo ufw status: