How-To-Secure-A-Linux-Server
튜토리얼imthenachoman/How-To-Secure-A-Linux-Server
지속적으로 업데이트 된 Linux 서버 보안 강화 가이드.
개요
이 가이드는 Linux 서버 보안 강화에 대한 단계별 설명을 제공하며, SSH 보안, 방화벽 구성, 침입 탐지 등을 다루고 있습니다.
README 미리보기
# How To Secure A Linux Server\n\nAn evolving how-to guide for securing a Linux server that, hopefully, also teaches you a little about security and why it matters.\n\n[](#license)\n\n## Table of Contents\n\n- [Introduction](#introduction)\n - [Guide Objective](#guide-objective)\n - [Why Secure Your Server](#why-secure-your-server)\n - [Why Yet Another Guide](#why-yet-another-guide)\n - [Other Guides](#other-guides)\n - [To Do / To Add](#to-do--to-add)\n- [Guide Overview](#guide-overview)\n - [About This Guide](#about-this-guide)\n - [My Use-Case](#my-use-case)\n - [Editing Configuration Files - For The Lazy](#editing-configuration-files---for-the-lazy)\n - [Contributing](#contributing)\n- [Before You Start](#before-you-start)\n - [Identify Your Principles](#identify-your-principles)\n - [Picking A Linux Distribution](#picking-a-linux-distribution)\n - [Installing Linux](#installing-linux)\n - [Pre/Post Installation Requirements](#prepost-installation-requirements)\n - [Other Important Notes](#other-important-notes)\n - [Using Ansible Playbooks to secure your Linux Server](#using-ansible-playbooks-to-secure-your-linux-server)\n- [The SSH Server](#the-ssh-server)\n - [Important Note Before You Make SSH Changes](#important-note-before-you-make-ssh-changes)\n - [SSH Public/Private Keys](#ssh-publicprivate-keys)\n - [Create SSH Group For AllowGroups](#create-ssh-group-for-allowgroups)\n - [Secure `/etc/ssh/sshd_config`](#secure-etcsshsshd_config)\n - [Remove Short Diffie-Hellman Keys](#remove-short-diffie-hellman-keys)\n - [2FA/MFA for SSH](#2famfa-for-ssh)\n- [The Basics](#the-basics)\n - [Limit Who Can Use sudo](#limit-who-can-use-sudo)\n - [Limit Who Can Use su](#limit-who-can-use-su)\n - [Run applications in a sandbox with FireJail](#run-applications-in-a-sandbox-with-firejail)\n - [NTP Client](#ntp-client)\n - [Securing /proc](#securing-proc)\n - [Force Accounts To Use Secure Passwords](#force-accounts-to-use-secure-passwords)\n - [Autom