Hi! I have Ubuntu 24.04.1 LTS which I just upgraded to Pro-the free version for home users. I installed ufw and ClamAV, but I'm wondering if I should add more security utilities? Duck.ai chat advised adding fail2ban, knockd, and SSH hardening instruction which I've posted below.
As a beginning linux user, I'm not doing anything important or "critical" but I do want to protect myself since I have financial info etc on my laptop. I have been searching for these here and have seen mostly posts that are over my head, not direct advice on what a newbie should consider installing, but I have been able to cross off rkhunter and knockd from my list. It does seem that many users are using fail2ban and SSH hardening protocols though.
Do I need the added stuff or is just ufw and ClamAV along with Ubuntu Pro a reasonable strategy?
2. SSH Hardening
If you are using SSH, consider hardening your SSH configuration:
- Change the default SSH port (22) to a non-standard port.
- Disable root login via SSH.
- Use key-based authentication instead of password authentication.
You can edit the SSH configuration file:
bash
[COLOR=var(--sds-color-text-01)]sudo nano /etc/ssh/sshd_config
[/COLOR]
Make the following changes:
ini
[COLOR=var(--sds-color-text-01)]Port <your_custom_port>
PermitRootLogin no
PasswordAuthentication no
[/COLOR]