Blog

- Showing all posts in category: Security

Managing your linux machine from remote is a great thing, but you shouldn't allow root to logging in from SSH. Or at least when it's reachable from outside. There are anonymous groups active who will beat you up when when you allow this. Naah just a joke, I will beat you up personally. Or you could read this article.

 

Why shouldn't you allow root to logging in from SSH anyway?

Everyone knows that every Linux operating system has a user called 'root' who can do anything in the system. Root is the root. It can even take your dog away for a walk!

Because everyone knows that this user exists, they only need to guess the password to break in to your system by doing a brute force attack. So someone starts some script or bot who will do continuously login attempts with generated passwords. So the first thing you need to do is disallowing root access. Or even better, have a white list with IP addresses where you will allow SSH connections from.  Or if this is not an option, just block IP addresses where many unsuccessful login attems are made.I will write an article about that too but in the meanwhile take a look at DenyHosts.

So we are going to disallowing the root user to logging in from SSH.

Open the sshd_config file:

sudo vim /etc/ssh/sshd_config

 

Look for this line:

#PermitRootLogin no

After a clean install you would see that this line is usually commented. This means it will use the default value with is be YES. So having this line commented means that you will allow root login. Holy shit bro, look out I might stand behind you with a baseball bat!

Just change this line into:

PermitRootLogin no

Restart sshd to apply the changes:

sudo /etc/init.d/sshd restart

So how are you supposed to login now? You need to have a normal user with administrator rights or adding the user into sudoers by using visudo. Don't edit the /etc/sudoers file directly. Just do it with visudo because it will validate the changes you have done. if you screw this up, then sudo is not working properly.

# Securing your connection
Published on 22-12-2015

Encryption is getting importanter now because the internet has grown alot. We have internet everywhere. Even in our pockets. There are whole companies who are based to provide service on the internet. It's kinda weird that these companies are selling something you can't hold in your hands.

When you are trying to visit a website, your web browser is establishing an connection with the web server by using the HTTP protocol. This happens by establishing a plain text connection. 

Using an unencrypted, plain text connection is not a big deal for normal websites where there are no personal data stored onto it, like this site. Important services like internet banking, web e-mail clients or a payment service require the use of an encrypted connection.

The dangers of using a unencrypted HTTP connection:

  • All the data between client and server are exposable by using an network sniffer like Wireshark.
  • You don,'t know if the server/site is the real one. This falls under the category Phishing.

An encrypted connection prevents that any interceptor can read the data. If someone would use a network sniffer, the connection will be shown but all the data is encrypted.

 

BadSSL.com, check if your browser accepts invalid, insecure certificates.

https://badssl.com

 

Test your website or servers supported encryption. This site also tests your server for vulnurabelities.

https://www.ssllabs.com/ssltest/

 

Mozilla has launched a free service to generate your own TLS certificate

https://letsencrypt.org