Wiki

User Tools

Site Tools

Trace: audio_channels
systems:secure_server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
systems:secure_server [2021/07/24 12:45] – [Login with peter] petersystems:secure_server [2021/07/24 12:57] (current) – [Stop Pings] peter
Line 47: Line 47:
 ---- ----
  
-===== Add peter user to sudo group =====+===== Add non-root user to sudo group =====
  
 <code bash> <code bash>
Line 65: Line 65:
 ===== Login with non-root account ===== ===== Login with non-root account =====
  
-Login using the peter user.+Login using the peter user account.
  
 ---- ----
Line 85: Line 85:
 </code> </code>
  
 +----
 +
 +==== Logout ====
 +
 +<code bash>
 logout logout
 +</code>
  
 ---- ----
  
-==== Create public & private key in separate PC====+==== Create public & private key in separate PC ====
  
 <code bash> <code bash>
Line 99: Line 105:
  
   * No passphrase.   * No passphrase.
-  * enter +  * Press **enter**. 
-  * enter+  * Press **enter**.
  
 </WRAP> </WRAP>
Line 114: Line 120:
  
 <WRAP info> <WRAP info>
-**NOTE:+**NOTE:**  This should display some files:
  
   * **id_rsa**:  Private key.   * **id_rsa**:  Private key.
Line 131: Line 137:
  
 <WRAP info> <WRAP info>
-**NOTE:**  This will create **authorized_keys** file in **.ssh** on the server.+**NOTE:**  This will create an **authorized_keys** file in **.ssh** on the server.
 </WRAP> </WRAP>
  
Line 140: Line 146:
 Try to log into server. Try to log into server.
  
-  Should allow without asking for a password.+<WRAP info> 
 +**NOTE:**  This should allow access without asking for a password. 
   * It is using the keys.   * It is using the keys.
 +
 +</WRAP>
  
 ---- ----
Line 155: Line 165:
  
 sudo vi /etc/ssh/sshd_config sudo vi /etc/ssh/sshd_config
- 
-Port - change from 22 to 717 
-AddressFamily inet - change to only allow ipv4. 
-PermitRootLogin - change to no 
-PasswordAuthentication yes - change to no 
 </code> </code>
 +
 +<WRAP info>
 +**NOTE:** Make the following changes:
 +
 +  * Port:  Change from 22 to 717
 +  * AddressFamily inet:  Only allow ipv4.
 +  * PermitRootLogin:  Change to **no**.
 +  * PasswordAuthentication yes:  Change to **no**.
 +
 +</WRAP>
 +
  
 ---- ----
Line 188: Line 204:
 <code bash> <code bash>
 ssh peter@192.168.1.x -p 717 ssh peter@192.168.1.x -p 717
-<code bash>+</code>
  
 <WRAP info> <WRAP info>
Line 232: Line 248:
  
 <WRAP info> <WRAP info>
-**NOTE: Press **y**.+**NOTE:** Press **y**.
 </WRAP> </WRAP>
  
Line 273: Line 289:
 </code> </code>
  
-Add a new line above this: +  * Add a new line above this: <file bash /etc/ufw/before.rules>
- +
-<file bash /etc/ufw/before.rules>+
 ->ok icmp codes for input ->ok icmp codes for input
 </file> </file>
Line 282: Line 296:
 ufw-before-input -p icmp --icmp-type echo-request -j DROP ufw-before-input -p icmp --icmp-type echo-request -j DROP
 </code> </code>
 +
 +----
 +
 +==== Reload UFW ====
  
 <code bash> <code bash>
systems/secure_server.1627130747.txt.gz · Last modified: 2021/07/24 12:45 by peter
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki