Stay Ahead With Linux Security HOWTOs
How to Secure My Network
access control Linux administration
access control Linux administration Most SSH hardening advice ends at the same recommendation: Disable password authentication and use SSH keys. . That's good advice. It removes entire classes of attacks, including password spraying, credential stuffing, and brute-force attempts against exposed servers. The problem is what happens next. Many administrators treat SSH keys as the finish line when they are really the beginning of the hardening process. Attackers rarely care whether they obtained access with a password or a private...
Jun 05, 2026
How to Secure My Networksecurity advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found 1 articles for you...
166
remote accesskey managementsecurity settingsEnsuring Safe Remote Access with SSH Key Authentication on UNIX Servers
You will most likely use a Secure Shell (SSH). to perform remote work with Linux servers or containers . Although the name of the software includes "secure," you shouldn't assume it is locked down by default. It's certainly more secure than telnet, but you still need to do extra to ensure your data and systems are safe. . Secure Shell is ready to use out of the box. It requires a username and a password. You issue the command "ssh" ralph@example.com, and you will be asked for the password of the user ralph. This is a much safer way to do it and one that's less likely to result in server hacking. This method is SSH-key authentication. SSH key authentication uses an SSH pair generated locally. The key pair consists of a public and private key. The private key stays on your machine, while the public key goes to the remote server. Once the pair of keys are in place, every time you log in, they will do a handshake and verify that they match. You will be granted access to the server if these keys match. You're outta luck if the keys do not match. This is a much more secure method than the traditional username/password setup and should be used on every Linux server. I will show you how SSH key authentication can be made a reality. Let's get started! What You Need You'll need two Linux machines for this demonstration -- one local and one remote. This is done through the command line, so you do not need to configure a desktop. You'll also need to know the IP address of the remote machine and its domain. How Can I Create an SSH Key Pair? You will need to generate your SSH key pair first. This is done locally. Log in to the machine you want to create the key pair on and use the command: ssh-keygen The key pair will be asked for a password. You will be asked to enter and confirm the password. Use a unique/strong password. The command above will create two files: id_rsa (the private key) & id_rsa.pub (the public key). You Can Copy Your Key to the RemoteMachine Next, you will need to copy your public keys to the remote computer. SSH includes a built-in feature that makes this process easy. Run the following command to copy the key: ssh-copy-id USER@SERVER> The SERVER address is the domain or IP address of the remote server. The remote user's SSH passphrase will be requested first. The public key is saved in the /.ssh on the remote server upon successful authentication. Then, you can test SSH key verification by trying to log in again with the following: ssh User@SERVER> The SERVER can be either the IP or domain address of the remote server. You'll now be asked for your SSH key password and not the user password. SSH key Authentication is now working. We can improve security further. Configure the SSH Server to Heighten Security Be sure to create key pairs before you proceed. Copy the public keys to the server and any client machines that need access to the remote servers. You'll have to take this step if you want the machines you need to log in with (even if they use valid user accounts). The only way around this would be to manually copy/paste the contents of the SSH public key from the client machine to the ~/.ssh/authorized_keys file on the server. We're now going to make sure that public key authentication and password authentication are disabled on both the local server and the remote server. Use the following command to edit the SSH daemon configuration (on the remote server). sudo nano /etc/ssh/sshd_config Look for the following line: #PubkeyAuthentication yes Replace that line with: PubkeyAuthentication Yes Then, find the following line: #PasswordAuthentication yes Replace that line with: PasswordAuthentication no Close the file and save it. Start SSH by using the following command: sudo systemctl restart sshd Open another terminal (on the machine where you copied the public keys to the server), and log in using SSH. You've now successfully made sure that theonly way you can log in to SSH using key authentication is if you have access. Anyone attempting to login to your Linux Server without the matching key pair is denied. Have additional questions about securing remote Linux server logins with SSH key authentication? Connect with us on X @lnxsec - we're here to help! . Establish reliable remote connectivity to your Linux server using SSH key verification by generating key pairs and adjusting server configurations.. SSH Authentication, Secure Shell, Key Pair Setup, Remote Server Login. . Dave Wreski
Feb 04, 2024
•
How to Learn Tips and Tricks
162
openvpnvpn setupsecure connectionSetting Up A Secure VPN Connection With OpenVPN, ProtonVPN, NordVPN
This guide explains VPN installation and configuration processes on Linux systems. We demonstrate these processes for OpenVPN, ProtonVPN, and NordVPN. . Using a virtual private network is a smart way to stay safe online. VPNs add a protective layer by encrypting your data, concealing your IP address, and channeling network traffic through secure “tunnels.” Most of us are familiar with using VPN apps on smartphones and Windows or MacOS computers. But what about Linux ? Can you use your favorite VPN? Are there open-source VPN options for Linux? In this article, I will introduce you to the OpenVPN project and explain how to set up its Community Edition using Easy-RSA. Additionally, I will guide you through the steps of installing the ProtonVPN GUI – an easy, fast, and free method to connect to one of the most trusted privacy platforms. . Utilizing a VPN is an intelligent move for enhancing online security. These networks provide an additional shield by encoding your information.. Linux VPN, Secure Connection, VPN Setup Guide, OpenVPN Installation, ProtonVPN Configuration. . Brittany Day
Aug 23, 2023
•
How to Strengthen My Privacy
166
remote accessLinux administrationSSHSecurely Connecting to Remote Servers Using SSH Protocols and Techniques
If you ever need to securely connect to a remote machine and reach a command-line interface, SSH is the tool for the job. The Secure Shell Protocol (SSH) has been used for decades as a means to remotely interface with Unix / Linux / BSD machines over insecure connections. . SSH operates on a traditional client - server principle where a remote user (client) can connect to a server and run commands as if they were sitting at the machine. SSH is particularly useful if you have a server or Raspberry Pi you need to control remotely. As these systems primarily use Linux, it’s easy to do things like edit scripts, change key configuration files or even install software remotely. In this how to, we will cover how to create basic SSH connections coming from Windows, macOS and Linux machines. . Discover the process of establishing a secure SSH connection to distant systems using either Windows, Linux, or macOS for efficient administration.. SSH Remote Access, Secure Shell Protocol, Command Line Access. . Brittany Day
Jul 08, 2022
•
How to Learn Tips and Tricks
162
network securityubuntuvpn setupInstalling WireGuard VPN on Ubuntu 20.04 for Enhanced Security
Learn how to set up WireGuard VPN - an innovative VPN (Virtual Private Network) technology that utilizes state-of-the-art cryptography - on Ubuntu 20.04 to act as a VPN server. This setup can be used to surf the web anonymously, bypass Geo-restricted content, allow remote workers to connect to a corpoarte network securely and protect against Man in the Middle attacks. . WireGuard is a modern VPN (Virtual Private Network) technology that utilizes state-of-the-art cryptography. Compared to other popular VPN solutions, such as IPsec and OpenVPN , WireGuard is faster, easier to configure, and has a smaller footprint. It is cross-platform and can run almost anywhere, including Linux, Windows, Android, and macOS. Wireguard is a peer-to-peer VPN; it does not use the client-server model. Depending on its configuration, a peer can act as a traditional server or client. It works by creating a network interface on each peer device that acts as a tunnel. Peers authenticate each other by exchanging and validating public keys, mimicking the SSH model. Public keys are mapped with a list of IP addresses that are allowed in the tunnel. The VPN traffic is encapsulated in UDP. . Discover the process of configuring WireGuard VPN on Ubuntu 20.04 to enhance your online security and maintain your privacy.. WireGuard Setup, Ubuntu 20.04 VPN, Network Security, Secure VPN Connection. . Brittany Day
Nov 02, 2020
•
How to Strengthen My Privacy
166
remote accessnetwork protocolopenbsdExploring SSH Command for Securing Remote Server Connections
Secure Shell (SSH) is a cryptographic network protocol used for an encrypted connection between a client and a server. The ssh client creates a secure connection to the SSH server on a remote machine. The encrypted connection can be used to execute commands on the server, X11 tunneling, port forwarding, and more. Learn more about SSH command and its role in securely managing a remote server: . There are a number of SSH clients available both free and commercial, with OpenSSH being the most widely used client. It is available on all major platforms, including Linux, OpenBSD, Windows, macOS and others. In this article, we will explain how to use the OpenSSH command-line client ( ssh ) to login to a remote machine and run commands or perform other operations. The link for this article located at Linuxize is no longer available. . Secure Shell (SSH) offers secure access to remote servers, allowing users to manage them securely over unsecured networks without compromising data integrity. SSH Commands, Secure Shell Protocol, Remote Server Access, OpenSSH Client. . Brittany Day
Dec 25, 2019
•
How to Learn Tips and Tricks
167
network securitysshtunnelingSafe Data Transfers: Effective SSH Tunneling Techniques
In this article, we present a few examples on how to use ssh to tunnel data from/to external applications. "VPN (Virtual Private Network) relies on ssh but in a different way, much more elaborate than the one we take up here. Another sophisticated so. . Secure Shell (SSH) facilitates safe communication over unsecured networks through tunneling, enhancing security for data transfer between services.. SSH Tunneling, Data Security, Secure Networking. . Anthony Pell
Nov 23, 2004
•
How to Secure My Network
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More