![]() Soon you will see blocked IP addresses when you list the NFT ruleset sudo nft list ruleset Make chroot jail sftp users that can download and upload only from a folder in their home directory On Raspberry Pi BACKEND="/usr/lib/aarch64-linux-gnu/sshg-fw-nft-sets Start sshguard sudo systemctl enable sshguard Sudo nano /etc/sshguard/nf BACKEND="/usr/lib/x86_64-linux-gnu/sshg-fw-nft-sets" ![]() Set up sshguard sudo apt install sshguardĪdd sshg-fw-nft-sets to BACKEND= in sshguard-conf if needed List the NFT ruleset sudo nft list ruleset Stop brute force attacks with sshguard and nftables Restart nftables sudo systemctl restart nftables sudo apt updateĮdit nf with modified Simple ruleset for a server to only accept SSH/SFTP on port 22 and alternative port 2222 If Nftables is not installed you can install it and start it with these commands. Use nftables firewall to accept only port 22 SSH/SFTP. ssh Setting up basic security Generating good passwords sudo apt install pwgen Sudo systemctl status ssh Recommended SSH client The OpenSSH server is already running on Ubuntu server, but if you are using Ubuntu Desktop you can install and start the Openssh server. Here are some tips on using a dedicated SFTP server running Ubuntu 20.04/22.04. In Some tips on downloading and uploading DCPs and large files I wrote about the different ways I send large files:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |