{"id":1356,"date":"2023-02-26T11:06:03","date_gmt":"2023-02-26T10:06:03","guid":{"rendered":"https:\/\/apfelcast.com\/?p=1356"},"modified":"2023-02-26T11:06:03","modified_gmt":"2023-02-26T10:06:03","slug":"linux-vserver-richtig-absichern-in-7-schritten-it-basics","status":"publish","type":"post","link":"https:\/\/it-ion.de\/index.php\/2023\/02\/26\/linux-vserver-richtig-absichern-in-7-schritten-it-basics\/","title":{"rendered":"Linux vServer richtig absichern in 7 Schritten &#8211; IT-Basics"},"content":{"rendered":"\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n <div class=\"brlbs-cmpnt-container brlbs-cmpnt-content-blocker brlbs-cmpnt-with-individual-styles\" data-borlabs-cookie-content-blocker-id=\"default\" data-borlabs-cookie-content=\"PGlmcmFtZSB0aXRsZT0iTGludXggdlNlcnZlciByaWNodGlnIGFic2ljaGVybiBpbiA3IFNjaHJpdHRlbiAtIElULUJhc2ljcyIgd2lkdGg9IjcyMCIgaGVpZ2h0PSI0MDUiIHNyYz0iaHR0cHM6Ly93d3cueW91dHViZS5jb20vZW1iZWQvb1ZFTnFka1lEam8\/ZmVhdHVyZT1vZW1iZWQiIGZyYW1lYm9yZGVyPSIwIiBhbGxvdz0iYWNjZWxlcm9tZXRlcjsgYXV0b3BsYXk7IGNsaXBib2FyZC13cml0ZTsgZW5jcnlwdGVkLW1lZGlhOyBneXJvc2NvcGU7IHBpY3R1cmUtaW4tcGljdHVyZTsgd2ViLXNoYXJlIiBhbGxvd2Z1bGxzY3JlZW4+PC9pZnJhbWU+\"><div class=\"brlbs-cmpnt-cb-preset-a\"> <p class=\"brlbs-cmpnt-cb-description\">Sie sehen gerade einen Platzhalterinhalt von <strong>Standard<\/strong>. Um auf den eigentlichen Inhalt zuzugreifen, klicken Sie auf die Schaltfl\u00e4che unten. Bitte beachten Sie, dass dabei Daten an Drittanbieter weitergegeben werden.<\/p> <div class=\"brlbs-cmpnt-cb-buttons\"> <a class=\"brlbs-cmpnt-cb-btn\" href=\"#\" data-borlabs-cookie-unblock role=\"button\">Inhalt entsperren<\/a> <a class=\"brlbs-cmpnt-cb-btn\" href=\"#\" data-borlabs-cookie-accept-service role=\"button\" style=\"display: none\">Erforderlichen Service akzeptieren und Inhalte entsperren<\/a> <\/div> <a class=\"brlbs-cmpnt-cb-provider-toggle\" href=\"#\" data-borlabs-cookie-show-provider-information role=\"button\">Mehr Informationen<\/a> <\/div><\/div>\n<\/div><\/figure>\n\n\n\n<p>In diesem Video zeige ich euch, wie Ihr in 7 Schritten euren Linux vServer absichern und damit vor Angreifern sch\u00fctzen k\u00f6nnt.<\/p>\n\n\n\n<p>\u00bb Erw\u00e4hnte Videos:<br>Fail2Ban f\u00fcr Nextcloud einrichten: <a href=\"https:\/\/www.youtube.com\/watch?v=nqz1IavVMUI\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.youtube.com\/watch?v=nqz1IavVMUI<\/a><br>Automatische Update einrichten: <a href=\"https:\/\/cc.apfelcast.com\/0nq9u\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/cc.apfelcast.com\/0nq9u<\/a><\/p>\n\n\n\n<div id=\"93964-1\"><script src=\"\/\/ads.themoneytizer.com\/s\/gen.js?type=1\"><\/script><script src=\"\/\/ads.themoneytizer.com\/s\/requestform.js?siteId=93964&amp;formatId=1\"><\/script><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Im Video verwendete Befehle:<\/h3>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\n1. SSH Rot Login Deaktivieren:\n\n## create new user\nadduser srvadmin\n\n## add user to sudo group\nusermod -aG sudo srvadmin\n\n## disable Login in settings\nnano \/etc\/ssh\/sshd_config\n\nchange \"PermitRootLogin\" to \"no\"\n\n\n2. Change SSH Port \n\n## open SSH config file\nnano \/etc\/ssh\/sshd_config \n\nreplace Port number\n\n## restart ssh \nservice ssh restart\n\n3. Use SSH Key to Login\n\n## create key\nssh-keygen -t rsa\n\n## Login to remote Server and open file ##\nnano ~\/.ssh\/authorized_keys\n\n## copy public-key from local machine and add to file ##\ncat ~\/.ssh\/id_rsa.pub\n\n4. Configure internal firewall\n\n## install ufw\napt install ufw\n\n## configure ufw\n\nufw default deny\nufw allow 1055\nufw allow 80\nufw allow 443\nufw enable\n\nufw status\n\n\n5. Install &amp; Configure Fail2Ban\n\n## install fail2ban\napt install fail2ban\nsystemctl enable fail2ban\n\n## copy conf\ncp \/etc\/fail2ban\/jail.conf \/etc\/fail2ban\/jail.local\n\n## edit conf\nnano \/etc\/fail2ban\/jail.local\n\n## configure for ssh\n[sshd]\nmaxretry  = 3\nfindtime  = 1d\nbantime   = 1w\nport    = ssh\nlogpath = %(sshd_log)s\nbackend = %(sshd_backend)s\n\n\n## restart fail2ban\nsystemctl restart fail2ban\n\n## check service \nfail2ban-client ping\n\nfail2ban-client status sshd\n\n\n6. Disable IPv6\n\n## open config\nnano \/etc\/sysctl.d\/99-sysctl.conf\n\n## add the follwoing lines at the buttom\nnet.ipv6.conf.all.disable_ipv6 = 1\nnet.ipv6.conf.default.disable_ipv6 = 1\nnet.ipv6.conf.lo.disable_ipv6 = 1\n\n## execute changes\nsysctl -p\n\n## check if disableing worked\ncat \/proc\/sys\/net\/ipv6\/conf\/all\/disable_ipv6\n<\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In diesem Video zeige ich euch, wie Ihr in 7 Schritten euren Linux vServer absichern&#8230;<\/p>\n","protected":false},"author":1,"featured_media":1357,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-1356","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-allgemein"],"taxonomy_info":{"category":[{"value":1,"label":"Allgemein"}]},"featured_image_src_large":["https:\/\/it-ion.de\/wp-content\/uploads\/2023\/02\/Thumb_vServer-absichern-1024x576.jpg",1024,576,true],"author_info":{"display_name":"Daniel Klozb\u00fccher","author_link":"https:\/\/it-ion.de\/index.php\/author\/wp-master\/"},"comment_info":0,"category_info":[{"term_id":1,"name":"Allgemein","slug":"allgemein","term_group":0,"term_taxonomy_id":1,"taxonomy":"category","description":"","parent":0,"count":89,"filter":"raw","cat_ID":1,"category_count":89,"category_description":"","cat_name":"Allgemein","category_nicename":"allgemein","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/posts\/1356","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/comments?post=1356"}],"version-history":[{"count":0,"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/posts\/1356\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/media\/1357"}],"wp:attachment":[{"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/media?parent=1356"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/categories?post=1356"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/it-ion.de\/index.php\/wp-json\/wp\/v2\/tags?post=1356"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}