Making Basic Secure Ubuntu Server 12.04 --> SSH Hardening & Admin Groups

Discussion in 'Installation/Configuration' started by danhansen@denmark, Oct 21, 2013.

  1. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    Hi,

    I'm building a secure ubuntu server 12.04 - only using the boinc-client, lm-sensor and a shell script (sendmail??? script sends a mail when cpu is to hot)

    I have a question regarding these issues:

    1. SSH Hardening - disable root login and change port.
    2. Protect su by limiting access only to admin group

    The guide & the guru says:
    SSH Hardening - disable root login and change port.
    The easiest way to secure SSH is to disable root login and change the SSH port to something different than the standard port 22.
    Before disabling the root login create a new SSH user and make sure the user belongs to the admin group (see step 4. below regarding the admin group).
    If you change the SSH port also open the new port you have chosen on the firewall and close port 22.

    Protect su by limiting access only to admin group.
    To limit the use of su by admin users only we need to create an admin group, then add users and limit the use of su to the admin group.
    Add a admin group to the system and add your own admin username to the group by replacing <YOUR ADMIN USERNAME> below with your admin username.


    My question is regarding the admin group. When you install the ubuntu server 12.04 you are creating a user during the setup!

    a. Isn't this user an admin? (I'm not sure about these things, but I guess you are using SU to claim admin rights, a kind of root in ubuntu? - root with password I know i banned in ubuntu!)
    b. If not, what do I do with the user account I created during setup?
    c. What's understod by "create a new SSH user"? Is it to create a user, belonging to the admin group? Please specify this as good as possible
    d. "...If you change the SSH port also open the new port you have chosen on the firewall and close port 22.." This is only locally, on the server you are setting up only, right!?!

    A Unix-Guru once told me, that the best thing to do about this, was to set the administrator to no rights at all (guest or less) and to create a new user, and give this user admin rights.
    I thought that this was what I had done! But the user I'm using is the user which was created during the ubuntu installation.

    If I asking to much, please guide me in the right direction - and I will try some more o)


    Sources:
    http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics


    Sorry for the newbie questions :eek:
     
    Last edited: Oct 21, 2013
    danhansen@denmark, Oct 21, 2013
    #1

Share This Page