SSH

Server monitoring with Monit on Debian and Ubuntu systems (page 2)

botond published March 2023, 01, Thu - 26:02 time
Monit is a free and open source process and resource monitoring tool that can be used to monitor system processes and resources using a web browser and command line. Monit automatically stops or restarts processes or services if, for example, they use too many resources or behave abnormally. It also sends email alerts about various events.
On this page, we will perform some fine-tuning on an existing Monit instance (installed and configured by the ISPConfig automated installer) on a Debian 11 (Bullseye) perfect server to make it work properly for us.

Server monitoring with Monit on Debian and Ubuntu systems

botond published March 2023, 01, Thu - 26:02 time
Monit is a free and open source process and resource monitoring tool that can be used to monitor system processes and resources using a web browser and command line. Monit automatically stops or restarts processes or services if, for example, they use too many resources or behave abnormally. It also sends email alerts about various events.
On this page, we install the Monit system monitor program on a Debian 10 (Buster) perfect server version 1.1, where it was not used before, and then set it up.

How to build and arming our ISPConfig3 server and how to secure our control panel, main services and websites with Let's Encrypt SSL

botond published 2023/01/20, p - 23:14 time
With the help of the ISPConfig control panel, we can easily manage the websites on our server, as well as other web services. In this description, we will review how to build and provision our ISPConfig3 server, as well as how to set up free SSL certificates issued by Let's Encrypt for the control panel, main services and our websites. On this page, we will install the basic system, the ISPConfig control panel with the necessary components, and then check the existing web interfaces and services.

How can we change the default tcp port 22 of our SSH server on our Debian or Ubuntu Linux server for better security?

botond published 2022/10/23, v - 08:10 time
There are several ways to manage web servers and other servers remotely, of which SSH is the most common command line solution. The SSH protocol communicates over an encrypted channel between the server and the client. Like all similar communications, SSH transmits data through a specific port, which by default is the well-known tcp port 22. Since the function of this port is known to many people, it exposes the servers to regular attacks. This is usually avoided - or at least to reduce the number of attempts - by switching this well-known port to another, unknown port number, which can only be detected externally by port scanning, which is a more time-consuming task.
In this write-up, we will look at how to change SSH's well-known TCP port 22 to a unique port number to minimize the number of attack attempts via SSH.

slogan

Manual page and help for the slogin Linux command. slogin is a symbolic link to the ssh command. ssh is an OpenSSH SSH client program.

Installing, configuring and using a UFW firewall on Debian / Ubuntu systems

botond published 2022. 06. 27., h - 12:54 time
UCW (Uncomplicated Firewall) is an easy-to-use netfilter firewall management program. It uses a command line interface that consists of a few simple commands and uses iptables for configuration, so it is the frontend of iptables. In this description we will look at the installation and basic use and configuration of the UFW firewall, the steps of which I will perform on a minimal Debian 11 server.

How to handle "WARNING: POSSIBLE DNS SPOOFING DETECTED!" and "REMOTE HOST IDENTIFICATION HAS CHANGED!" error at ssh login time?

botond published March 2022, 06, Thu - 16:17 time
When you use ssh access, your computer (client) retrieves the server's ECDSA (Elliptic Curve Digital Signature Algorithm) fingerprint each time it connects, which it stores in the list of known servers during the first connection (by default in the ~ / .ssh / known_hosts file). From now on, for future ssh connections, our machine will recognize the ECDSA fingerprint of the remote machine, verifying that we are connecting to the exact same machine later. If the newly retrieved fingerprint does not match the previously stored version during a subsequent connection, ssh throws the following error: "WARNING: POSSIBLE DNS SPOOFING DETECTED!" and "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!". These error messages alert you to the possibility that you may be a victim of DNS spoofing, or that the server's ECDSA fingerprint, that is, the public key of the SSH server, has changed.

How to create an SFTP user without shell access on your Linux system

botond published Jan. 2021, 01, 20:22 p.m. time
You may want to share larger files with others, or just receive ones that no longer fit in an email. Of course, there are also free file shares for this purpose, but if two-way data transfer is required more often, for example during teleworking, it is more expedient to solve this ourselves. SFTP (SSH File Transfer Protocol) is great for this, offering a secure file transfer solution over an SSH connection, unlike an unencrypted and outdated FTP connection. SFTP is available by default on any server that also has SSH access. As a result, in the present situation, the SSH connection has so many beauty flaws that it also provides a shell access, which we will not need here right now, because we do not want to be able to access other directories on our computer through the access we share. In this tutorial, we will look at how to create an SFTP user without shell access on your Linux system.

Convenient use of terminal windows with Asbrú Connection Manager (page 2)

botond published 2020. 11. 16., h - 23:18 time
If you use the command line frequently and have to work in several windows at once, it is essential to have a multi-tab terminal application that is comfortable to use and has the right knowledge. In this small user tutorial, you will learn about the Asbrú Connection Manager Linux application and its basic functions. On this page, we review how to manage, set up, and use SSH connections.

Convenient use of terminal windows with Asbrú Connection Manager

botond published 2020. 11. 16., h - 23:17 time
If you use the command line frequently and have to work in several windows at once, it is essential to have a multi-tab terminal application that is comfortable to use and has the right knowledge. In this small user tutorial, you will learn about the Asbrú Connection Manager Linux application and its basic functions. On this page, we will install the program and review the global settings.