As you could see on my last post about fail2ban, the SSH service is a popular target for brute force attacks, we really should take our time to improve our server’s security.

On top of iptables rules and fail2ban jails, we have a couple parameters that we can fine-tune on our servers to make another layer of protection.

# SSH authentication methods

By default, SSH allows for password authentication for all users except root, which is a good starting point, but we can improve this behavior.

Fail2ban is a software which scans log files like /var/log/auth.log and bans IP addresses which have done too many failed login attempts.

This is just one layer of security and should be used together with other tools and techniques such as iptables and SSH hardening.

I always configure a simple SSH jail using fail2ban on my GNU/Linux servers.

Today, I am going to show you how to configure a simple SSH jail.

When setting up a new Linux server, one of the first things you’ll want to do is secure it by configuring a firewall. iptables, a powerful firewall tool available on most Linux distributions, is an excellent choice for managing traffic rules.

In this post, I’ll walk you through setting up some basic iptables configurations for a freshly deployed server. By the end, you’ll have a solid firewall to protect your services while keeping things simple.

# A Sysadmin blog

I was thinking for a couple months to start a blog on the internet. My idea is to share my daily experiences to my fellow sysadmins and network administrators.

I was looking for something simple and easy to maintain, since I don’t want to spend too much of my free time here.

# The tool

I found Hugo which is a static website generator that reads content written in Markdown and generates HTML files.