create new user $ adduser username
$ usermod -aG sudo username
$ echo 'username ALL=NOPASSWD ALL' >> /etc/sudoers
$ nano /etc/ssh/sshd_config
change ssh port from 22 to 9022
#Port 22
Port 9122
Disable Root Account
change in /etc/ssh/sshd_config
PermitRootLogin yes
to
PermitRootLogin no
Add firewall rules :
sudo iptables -I INPUT 1 -i lo -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 9122 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -I INPUT -p udp --dport 111 -j REJECT
sudo iptables -A INPUT -j REJECT
well be updated later .
No comments:
Post a Comment