You may need to add new disk to your Linux LVM for various reasons such as for adding capacity for your existing applications or new applications. This post aims to show you how you can add a new disk to your existing LVM as well as to a new LVM. The difference between adding a new disk to a new LVM and to an existing LVM is that in the latter case you do not have to create a new volume group using vgcreate command. [Read more…]
Hardening Linux security may seem to be a daunting task for new Linux administrator and security auditor if they try to do it manually. Lynis automates the process of Linux security audit, which is widely used by system administrator, IT security auditor and security specialists. When you run Lynis to scan a system, it generates a report and suggestions that helps to patch up the security loopholes. The following are the procedures that you can perform straightway without anyone’s help. [Read more…]
Having the option of logging in to your server with SSH is essential for some web administrators, but logging in your server with root credentials via SSH is always unsafe. By the word root credentials, I mean that you should not remotely login with your server with root user name, rather use a less privileged user to login to your server and then use the “su” command to login as a root user.
So, the purpose of this post is to show you:
- How to disable SSH with root username?
- How to enable a normal user to login with SSH?
- How to use root username after login with less privilege user name?
The purpose of the Linux security checklist is to help the Linux users, entry-level, to become familiar with the most common security vulnerability of Linux operations systems. As you know security checking needs to be verified against well established practices, the following steps are necessary to following before starting your Linux security checking.
- Version number of Linux
- How many users use the OS?
- How many applications are running in your server?
- What are the active services?
- If your sever physically secured
- Whether modification in Linux configuration needs to go through authorization from senior management
- What is your backup plan?
- If there is any antivirus software running
- Check the access control list of the routers and firewalls, if any, directly connected to your server
- Do not use Telnet and FTP since both transmit unencrypted text. Instead use SSH and SFTP for secure connection with other servers or networks.
- Power supply unit to your Linux server? Is there any emergency power supply?
- Temperature and environmental control of the server room. [Read more…]