Nishadh KA

Secure ubuntu SERVER 1204

2014-01-16

  1. For key pair login and removing the password based on
    1. http://ubuntuforums.org/archive/index.php/t-30709.html
    2. http://blog.nas-admin.org/?p=63
    3. http://www.thefanclub.co.za/how-to/how-install-psad-intrusion-detection-ubuntu-1204-lts-server following first one

  2. following steps

    cd .ssh/ 
ssh-keygen -t dsa 
scp id_dsa.pub serverusername@IP:./id_dsa.pub 
ssh into server 
cd .ssh 
touch authorized_keys2
chmod 600 authorized_keys2 
cat ../id_dsa.pub >> authorized_keys2 
rm ../id_dsa.pub

  3. edited the /etc/ssh/sshd_config for for pass word less authentication

    #PasswordAuthentication yes >>> 
PasswordAuthentication no 
PermitRootLogin yes >>> 
PermitRootLogin no >>> DebianBanner no

  4. then restarted the ssh

    sudo /etc/init.d/ssh restart

  5. now with out key file the permission will be denied

  6. following this steps for security http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics

  7. for installing Firewall - UFW sudo apt-get install ufw sudo ufw allow ssh sudo ufw allow http sudo ufw enable sudo ufw status verbose

  8. to make into static IP address following http://lani78.wordpress.com/2012/07/19/change-to-static-ip-on-the-ubuntu-precise-pangolin-server/

  9. For that error, made a change of IP address of public what ISP provider has given, it is wrong, given the current situation of server display problem it was a disastrous step. By doing this the ssh access which is the final method to access the server gets disrupted. It was rectified by running the live Ubuntu server cd and access the hard drive from that using a given shell script.

  10. Internet is accessed by, changing the NAT option in router selected. The static IP address, web server by 80 and ssh by 22 port. based on this http://askubuntu.com/questions/299572/making-websites-visible-to-outside-networks-with-ubuntu-server-12-04