Stay Ahead With Linux Security HOWTOs
How to Secure My Network
security advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
How to Secure My Networknetwork monitoring Linux server
network monitoring Linux server When a Linux server initiates an unauthorized outbound connection to an unknown IP address, it rarely triggers an immediate system failure. Instead, the server continues running normally, and the connection is usually only discovered during a routine firewall log review, a DNS audit, or a post-incident investigation. Because there are no obvious system crashes or performance drops, these quiet outbound sessions can easily be overlooked. . However, treating these anomalies lightly is a...
May 27, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found -2 articles for you...
166
remote accesskey managementsecurity settingsEnsuring Safe Remote Access with SSH Key Authentication on UNIX Servers
You will most likely use a Secure Shell (SSH). to perform remote work with Linux servers or containers . Although the name of the software includes "secure," you shouldn't assume it is locked down by default. It's certainly more secure than telnet, but you still need to do extra to ensure your data and systems are safe. . Secure Shell is ready to use out of the box. It requires a username and a password. You issue the command "ssh" ralph@example.com, and you will be asked for the password of the user ralph. This is a much safer way to do it and one that's less likely to result in server hacking. This method is SSH-key authentication. SSH key authentication uses an SSH pair generated locally. The key pair consists of a public and private key. The private key stays on your machine, while the public key goes to the remote server. Once the pair of keys are in place, every time you log in, they will do a handshake and verify that they match. You will be granted access to the server if these keys match. You're outta luck if the keys do not match. This is a much more secure method than the traditional username/password setup and should be used on every Linux server. I will show you how SSH key authentication can be made a reality. Let's get started! What You Need You'll need two Linux machines for this demonstration -- one local and one remote. This is done through the command line, so you do not need to configure a desktop. You'll also need to know the IP address of the remote machine and its domain. How Can I Create an SSH Key Pair? You will need to generate your SSH key pair first. This is done locally. Log in to the machine you want to create the key pair on and use the command: ssh-keygen The key pair will be asked for a password. You will be asked to enter and confirm the password. Use a unique/strong password. The command above will create two files: id_rsa (the private key) & id_rsa.pub (the public key). You Can Copy Your Key to the RemoteMachine Next, you will need to copy your public keys to the remote computer. SSH includes a built-in feature that makes this process easy. Run the following command to copy the key: ssh-copy-id USER@SERVER> The SERVER address is the domain or IP address of the remote server. The remote user's SSH passphrase will be requested first. The public key is saved in the /.ssh on the remote server upon successful authentication. Then, you can test SSH key verification by trying to log in again with the following: ssh User@SERVER> The SERVER can be either the IP or domain address of the remote server. You'll now be asked for your SSH key password and not the user password. SSH key Authentication is now working. We can improve security further. Configure the SSH Server to Heighten Security Be sure to create key pairs before you proceed. Copy the public keys to the server and any client machines that need access to the remote servers. You'll have to take this step if you want the machines you need to log in with (even if they use valid user accounts). The only way around this would be to manually copy/paste the contents of the SSH public key from the client machine to the ~/.ssh/authorized_keys file on the server. We're now going to make sure that public key authentication and password authentication are disabled on both the local server and the remote server. Use the following command to edit the SSH daemon configuration (on the remote server). sudo nano /etc/ssh/sshd_config Look for the following line: #PubkeyAuthentication yes Replace that line with: PubkeyAuthentication Yes Then, find the following line: #PasswordAuthentication yes Replace that line with: PasswordAuthentication no Close the file and save it. Start SSH by using the following command: sudo systemctl restart sshd Open another terminal (on the machine where you copied the public keys to the server), and log in using SSH. You've now successfully made sure that theonly way you can log in to SSH using key authentication is if you have access. Anyone attempting to login to your Linux Server without the matching key pair is denied. Have additional questions about securing remote Linux server logins with SSH key authentication? Connect with us on X @lnxsec - we're here to help! . Establish reliable remote connectivity to your Linux server using SSH key verification by generating key pairs and adjusting server configurations.. SSH Authentication, Secure Shell, Key Pair Setup, Remote Server Login. . Dave Wreski
Feb 04, 2024
•
How to Learn Tips and Tricks
163
remote accesskey managementlinux serversHow To Setup Passwordless SSH Login For Multiple Linux Servers
Learn how to setup passwordless SSH key-based authentication for multiple remote Linux servers simultaneously using a shell script in this TecMint tutorial. . SSH Key-based authentication (also known as public-key authentication) allows for password-less authentication and it is a more secure and a much better solution than password authentication. One major advantage of SSH password-less login , let alone security is that it allows for automation of various kinds of cross-server processes. In this article, we will demonstrate how to create an SSH key pair and copy the public key to multiple remote Linux hosts at once, with a shell script. . Setup SSH key-based authentication across multiple remote servers with ease. Generate keys if missing and copy public keys efficiently.. SSH Authentication, Passwordless Login, Key-based Access. . Brittany Day
Oct 08, 2020
•
How to Secure My Webserver
160
data protectionfile encryptionencryption toolHow to Secure Your Data With gocryptfs on Linux Servers
Looking for a user-friendly encryption tool to secure data on your Linux servers? If so, you'll want to check our gocryptfs. In this tutorial, Jack Wallen demonstrates how to install and use gocryptfs. . Your Linux servers probably hold very precious company and/or client data. If that's the case, what do you do to protect it? Yes, you've probably spent an inordinate amount of time hardening your network and maybe you've had a good amount of success at keeping intruders away. But, eventually someone will get in. When they do, is that data protected? Why not give that data a layer of encryption? With Linux powering your data center servers, there are a number of tools that can help you achieve this. One such tool is gocryptfs. The gocryptfs tool allows you to encrypt only the directories you need. It's lightweight, user-friendly, and secure. Better still, gocryptfs allows you to move those encrypted directories from one system to another. As long as you have the encryption passphrase, those encrypted directories can be seen as portable vaults of data. . Safeguard your Linux server files using encfs, a straightforward encryption solution designed to shield essential data.. Encryption Tool, Data Protection, gocryptfs. . Brittany Day
Sep 21, 2020
•
How to Harden My Filesystem
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More