Home > Article > Operation and Maintenance > Improve Linux server security using command line tools
Use command line tools to improve Linux server security
In the current Internet era, server security is very important for any enterprise or individual user. As a common server operating system, Linux can improve its security by using command line tools. This article will introduce some common command line tools and give corresponding code examples to help you better protect your Linux server.
SSH is a protocol for encrypted communication over the network. It can provide secure remote login and execution in unsecured networks. The function of the command. With SSH, we avoid transmitting passwords in clear text while also using public key encryption for authentication.
First, we need to ensure that the SSH service is installed and turned on. Execute the following command in the terminal:
sudo apt-get install openssh-server
Next, we need to edit the SSH configuration file /etc/ssh/sshd_config
, modify the default port number, prohibit remote login for the root user, etc. You can use the following command:
sudo nano /etc/ssh/sshd_config
You can find configuration items similar to the following in the file:
#Port 22 #PermitRootLogin prohibit-password
Remove the comment symbols and modify the required settings. After modifications are completed, save and exit.
Finally, restart the SSH service to make the configuration take effect:
sudo service ssh restart
Fail2Ban is an open source software used to prevent brute force attacks. It can detect multiple failed login attempts and automatically ban the attacker's IP address. Here we give an example for monitoring SSH login failures.
First, we need to install Fail2Ban. Execute the following command in the terminal:
sudo apt-get install fail2ban
Then, we need to create a custom configuration file /etc/fail2ban/jail.local
to monitor SSH login failures. You can execute the following command:
sudo nano /etc/fail2ban/jail.local
Add the following content to the file:
[sshd] enabled = true port = ssh logpath = %(sshd_log)s findtime = 600 bantime = 3600 maxretry = 3
Save and exit the configuration file.
Finally, restart the Fail2Ban service to make the configuration take effect:
sudo service fail2ban restart
iptables is a firewall tool in the Linux kernel that can filter and forwarding network packets to control network access rules. Below are some common iptables command examples.
Close all inbound connections:
sudo iptables -P INPUT DROP
Allow inbound connections to a specific IP address:
sudo iptables -A INPUT -s <IP地址> -j ACCEPT
Allow inbound connections to a certain port:
sudo iptables -A INPUT -p tcp --dport <端口号> -j ACCEPT
Block inbound connections from specific IP addresses:
sudo iptables -A INPUT -s <IP地址> -j DROP
Save iptables configuration:
sudo service iptables save
The above are several common command line tools through which we can effectively improve the security of Linux servers. . However, please note that before using these tools, you must understand the relevant commands and their usage to avoid misoperations that may cause the server to become unavailable. More importantly, keep the system and software updated at all times, patch vulnerabilities in a timely manner, and strengthen the server's defense capabilities.
I hope this article will be helpful to you, and I wish your Linux server is safe and worry-free!
The above is the detailed content of Improve Linux server security using command line tools. For more information, please follow other related articles on the PHP Chinese website!