After covering basic server security in a previous video, I wanted to expand more on that matter and show you how to make your servers even sturdier. In this video, I cover disabling SSH root login, setting up 2-Factor Authentication, and installing Fail2Ban, a software package that automatically bans attackers IP addresses.
1 Like
Details for howto setup 2FA for ssh:
additionally if you want to avoid the process for users who connecting from local subnet then sshd can be configured to allow using only publickey as well.
Match Address *,!192.168.0.0/16
AuthenticationMethods "password"
1 Like