163
edits
Changes
→Basic security on a public-facing server
** Delete all default usernames, except root which you can't delete.
** Make sure that root is never allowed to log in remotely.
** Whenever possible: don't use passwords at all, use SSH keys for logging in. You've learned how to use them in OPS245OSL640/OSL740.
* Learn how to use sudo and how to configure it.
* Get in the habit of organising organizing your SSH keys so you don't accidentally lose them.
Remember that unlike OSL640/OSL740 your servers are on the real internet, and depending on how you configure them: they might be accessible by any attacker on the planet. You need to pay much more attention to security in this course than was required in OSL640/OSL740.