1. Add SSH-key:
nano ~/.ssh/authorized_keys
2. Disable Authentication no:
nano /etc/ssh/sshd_config
PasswordAuthentication no
PermitRootLogin prohibit-password
hoặc
PermitRootLogin without-password
AllowUsers (chỉ cho phép root login ssh)
3. Đặt password root:
passwd root
4. Change hostname:
/etc/hostname
/etc/hosts
5. Delete user & group:
deluser + tên user
delgroup + tên group
6. Set-timezone:ln -sf /usr/share/zoneinfo/Asia/Ho_Chi_Minh /etc/localtime
7. Firewall (iptables)iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -P INPUT DROP
apt-get install iptables-persistent
/etc/init.d/netfilter-persistent save
cat /etc/iptables/rules.v4
8. Update server:apt update && apt upgrade -y
