7

How to secure a Linux host? [closed]

view full story
linux-howto

http://stackoverflow.com – I'm looking for suggestions around the notion of securing a Linux host in 2013... Historically I've used aspects of the following but it's been a while since I've thought about these matters and it may be time to shore up those defenses again! Securing a Linux host: Disable all insecure protocols (telnet, pop, etc) and restrict shell access to ssh2. Disable root remote log into the shell. Limit user accounts which can log into the shell. Limit the IPs which can log into a shell. Use sudo to run all your programs. Install a firewall such as iptables and drop connections from IPs that misbeh (HowTos)

dadebian's picture
Submitted by dadebian on 01/19/2013 – Made popular on 01/19/2013

Stories similar to How to secure a Linux host? [closed]

Restricted ssh 3 years 25 weeks ago

Hi all,

I search an efficient way to restrict ssh connections to only run a specific command. It is intended to be used automaticaly. Say the user name is "check" and the command is "ps", and used by a remote monitoring host.

  I am using a bash shell under Ubuntu Linux operating system. Sometime I need to restrict my own Internet bandwidth for all my shell applications such as ftp, sftp, wget, curl and friends. How do I limit the network speed under bash without setting up a complicated firewall and tc rules as described here?

I am using a bash shell under Ubuntu Linux operating system.

I want update my linux in one shell but by default wget or axel in updater use all the bandwidth.

How can I limit the speed in this shell?

I want other shells to have a fair share, and to limit everything in that shell – something like a proxy!

I use Zsh and Arch Linux.

I have been researching for hours and still unable to solve my problem.

This error "ssh_exchange_identification: Connection closed by remote host" has many proposed solutions but none seem to solve my problem.

This is what I want to accomplish:

I have a server (10.0.0.5) SSH on it. The server has the following users and their shells:

passport , shell=/bin/false user1, shell=git-shell user2, sh

Hello,

My name is joeltrane and I am a new member of this community.

I'm trying to write a shell script to transfer files to a remote windows machine which is running a ultra simple sftp server . So i don't have the option of using public key authentication.

From the Linux end its a stripped down version for non intel platform , So if i want to use "expect" i cant install expect/tcl/tk.

I want to create a script that runs shell commands on a remote Linux machine and print out the result. Some thing like a "run once" SSH. Or for those familiar with Android development, something like "adb shell". For example, I want to run "ls" on my remote machine and display the results on the local host.

plz anyone help me out with this error im compiling cm7 from source for galaxy fit beni ......

HTML Code: Install: out/host/linux-x86/bin/imgdiff Install: out/host/linux-x86/bin/iself Install: out/host/linux-x86/bin/isprelinked Install: out/host/linux-x86/bin/jasmin Install: out/host/linux-x86/bin/jdwpspy Install: out/host/linux-x86/bin/kcm Install: out/host/linux-x86/bin/line_endi

on a Linux system there are lot's of users by default: daemon, bin, sys, games, etc.

According to my /etc/passwd most of these users have a shell assigned (/bin/sh) which seems some kind of insecure to me.