s83/privacy-guides
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge 6746a4d00a into 0d3aa55231

Browse source
This commit is contained in:
Go Compile 2024-05-29 09:46:51 -04:00 committed by GitHub
commit edb0e8145c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 14 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

16
how-to-configure-hardened-debian-server/README.md
View file

@ -2,8 +2,8 @@
Title: How to configure hardened Debian server
Description: Learn how to configure hardened Debian server.
Author: Sun Knudsen <https://github.com/sunknudsen>
Contributors: Sun Knudsen <https://github.com/sunknudsen>
Reviewers:
Contributors: Sun Knudsen <https://github.com/sunknudsen>, Go Compile <https://github.com/go-compile>
Reviewers: Go Compile <https://github.com/go-compile>
Publication date: 2020-11-27T10:00:26.806Z
Listed: true
Pinned:
@ -166,6 +166,18 @@ su -
```shell
sed -i -E 's/^(#)?PermitRootLogin (prohibit-password|yes)/PermitRootLogin no/' /etc/ssh/sshd_config
sed -i -E 's/^(#)?PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
```
#### Limit login attempts and use `Ed25519` host key
```shell
sed -i -E 's/^(#)?MaxAuthTries 6/MaxAuthTries 2/' /etc/ssh/sshd_config
sed -i -E 's/^(#)?HostKey \/etc\/ssh\/ssh_host_ed25519_key/HostKey \/etc\/ssh\/ssh_host_ed25519_key/' /etc/ssh/sshd_config
```
#### Restart SSH daemon
```shell
systemctl restart ssh
```