Securing Tinker Board SSH

April 4, 2018 / ron / 0 Comments

Require the sudoer to prompt for a password by updating the /etc/sudoers file with the following:
Look for the following:
```
%sudo ALL=(ALL) NOPASSWD: ALL
```
And update to become the following:
```
%sudo ALL=(ALL) ALL
```
Update the /etc/ssh/sshd_config file to have the following added:
```
PermitRootLogin no
```
Install fail2ban using the following command:
```
sudo apt-get install fail2ban
```

Create the file /etc/fail2ban/jail.d/jail.ssh file to have the following:

[ssh]
 enabled = true
 port = ssh
 filter = sshd
 logpath = /var/log/auth.log
 maxretry = 6
 bantime = -1
 banaction = iptables-allports

Restart the service using the following command:
```
sudo systemctl restart fail2ban
```

See Unbanning an IP

Security, Tinker Board

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© 2024 Ron and Ella Wiki Page

Theme by Anders Noren — Up ↑