You're reading from Mastering Linux Security and Hardening A practical guide to protecting your Linux system from cyber attacks

Product type Paperback

Published in Feb 2023

Publisher Packt

ISBN-13 9781837630516

Length 618 pages

Edition 3rd Edition

Languages

Tools

Linux

Concepts

Hardening

Author (1):

Donald A. Tevault

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Setting up a Secure Linux System

2. Running Linux in a Virtual Environment FREE CHAPTER

3. Securing Administrative User Accounts

4. Securing Normal User Accounts

5. Securing Your Server with a Firewall – Part 1

6. Securing Your Server with a Firewall — Part 2

7. Encryption Technologies

8. SSH Hardening

9. Section 2: Mastering File and Directory Access Control (DAC)

10. Mastering Discretionary Access Control

11. Access Control Lists and Shared Directory Management

12. Section 3: Advanced System Hardening Techniques

13. Implementing Mandatory Access Control with SELinux and AppArmor

14. Kernel Hardening and Process Isolation

15. Scanning, Auditing, and Hardening

16. Logging and Log Security

17. Vulnerability Scanning and Intrusion Detection

18. Prevent Unwanted Programs from Running

19. Security Tips and Tricks for the Busy Bee

20. Other Books You May Enjoy

21. Index

SSH Hardening

The Secure Shell (SSH) suite is one of those must-have tools for Linux administrators. It allows you to take care of Linux servers from the comfort of your cubicle, or even from the comfort of your own home. Either way, it’s a lot better than having to don your parka and jump through security hoops to enter a cold server room. The secure in Secure Shell means that everything that you either type or transfer gets encrypted. That eliminates the possibility of someone obtaining sensitive data by plugging a sniffer into your network.

By this stage in your Linux career, you should already know how to use Secure Shell, or SSH, to do remote logins and remote file transfers. What you may not know is that the default configuration of SSH is actually quite insecure. In this chapter, we’ll look at how to harden the default configuration in various ways. We’ll look at how to use encryption algorithms that are stronger than the default, how to set up passwordless...