Server operating systems come with many advancements, which provide the functionality to monitor users’ activities, automatically monitor the resources, and monitor network resources. The Ubuntu Server 22.04, is the latest and the most popular server operating system due to its universal performance and security features. The latest security patches aid make it hard to compromise the vulnerabilities, but some security measures must be carried out.  

In this article, we will learn about taking some security measures, for securing Ubuntu Server 22.04

 How to Secure Your Ubuntu Server?

Every system that is, connected to the Internet has some vulnerabilities. These vulnerabilities can compromise the security of the systems.  The servers are the most important for any organization because all the confidential files are stored and shared through a server. It has been observed many times that the loss of information due to a lack of security has generated a major loss. It is a good practice to secure the servers so that we can minimize the risk of vulnerabilities. If you have installed Ubuntu Server 22.04, follow these steps to secure:

  • Install Updates and Upgrade 
  • Root account Privileges
  • SSH configuration
  • Services 
  • Install Updates

The process of installing updates regularly can mitigate many existing vulnerabilities. The developers work on the existing bugs regularly and release security patches to cope with the existing bugs. In order to update the system, execute the following command:

$ sudo apt-get update

The command will install the updates:

After the installation, upgrade the system, and type the following command in the terminal:

$ sudo apt-get upgrade

The command will upgrade all the packages that are required to be upgraded:

  • Root Account Privileges

There must be only the root user to have root privileges. If you want to check out the accounts that have the root privileges type the following command in the terminal:

$ awk -F: '($3 == "0") {print}' /etc/passwd

The command displays the users with the root privileges: 

  • SSH Configuration

 In the servers, the Secure Socket Shell(SSH) has an important role. All the incoming and outgoing network traffic interacts with the SSH. We can minimize the chance of any network attack by configuring the SSH. Type the following command and  Open the following configuration file in the nano text editor: 

$ sudo nano /etc/ssh/sshd_config

The command will open the configuration file in nano text editor. Find the line “PermitRootLogin no”, and comment out it, by removing the “#” in the beginning. It will disable the Root Login permission to the SSH

In the next step, find the line “AllowUsers” in this file and comment it out also, by removing the “#” symbol, and we allow the root user only. For this purpose type the name of the root user and save the file. This process will change the permissions for the SSH. 

Now, we’ll also change the default port, find “Port” and change it accordingly. The default port number has the value 22. It is suggested to change it. Change the value of the default port number, save the file by pressing “Ctrl + O”, and press the Enter key:  

Locate the line “PermitEmptyPasswords no” and comment out the line. This will specify that no user can log in without passwords. Every user must be able to log in with the correct login credentials. Save the file and close the configuration file:

In the next step, we will restart the SSH service by typing the following command:

$ sudo service ssh restart

The command will start the SSH services with the new configuration settings:

  • Monitoring Services

Services are the tasks that are in running state or being executed. You can monitor the services by listing them down. You can monitor the activities of different users connected to the server through the network by listing down the services. The activities that are performed by the users of the server are managed by log files. These log files can be listed by opening services in the terminal. If you want to monitor services that are running, you can list them down by typing the following command in the terminal:

$ service -status-all

The command will list down all the services:

If you want to view only the services that are in running state, type the following command:

$ service –status-all | grep "[+]"

The command will display only tasks that are running on your server:

By following these steps, you can advance the security measures. 

Conclusion

To secure the Ubuntu server, install updates regularly, configure your secure socket shell, permit the login to authorized personnel only, and monitor the services. By following these steps, the security vulnerabilities can be minimized.  In this, blog we have elaborated on how you can secure your Ubuntu Server 22.04.