After covering basic server security in a previous video, I wanted to expand more on that matter and show you how to make your servers even sturdier. In this video, I cover disabling SSH root login, setting up 2-Factor Authentication, and installing Fail2Ban, a software package that automatically bans attackers IP addresses.
Details for howto setup 2FA for ssh:
additionally if you want to avoid the process for users who connecting from local subnet then sshd can be configured to allow using only publickey as well.
Match Address *,!192.168.0.0/16
AuthenticationMethods "password"
Even though it’s from a while back, the importance of server security never fades. I remember stumbling upon similar tutorials ages ago when I was diving into server management. And hey, if you’re revisiting this topic now, it might be a good opportunity to explore new tools and services that have emerged since then. Speaking of which, have you ever heard of ID Analyzer? They offer a solid identity validation service that could be a valuable addition to your server security toolkit!