[ubuntu] Ubuntu 20.04 Security Checkup

[ubuntu] Ubuntu 20.04 Security Checkup

Hello everyone,

I am setting up some import Ubuntu servers which will be running version 20.04.

I would just like to run my security setup passed you to make sure I haven’t missed anything important.

On all the servers I will be installing:

  1. OpenSSH Server
  2. Fail2Ban
  3. UFW
  4. Bash Login Notifications

OpenSSH Security
Only the Ubuntu user will be permitted to login via SSH using a certificate.
Here are the changes I have made to the sshd_config file:


AllowUsers ubuntu
PermitRootLogin no
PasswordAuthentication no
AllowTcpForwarding no
ClientAliveCountMax 2
Compression no
MaxAuthTries 2
MaxSessions 2
Port 44558
TCPKeepAlive no
X11Forwarding no
AllowAgentForwarding no
Protocol 2
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

Fail2Ban Security
Here are the changes I have made to jail.conf


bantime  = 7d
findtime  = 1h
maxretry = 3
destemail = [email protected]
mta = mail

UFW Security
Here are the rules I have setup


sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow from to any port 44558 proto tcp
sudo ufw enable

Additional rules will be added to specific servers based on it’s purpose. For example:
My web server will only allow incoming traffic on port 443.
My mysql server will only allow incoming traffic from the apache web servers.

Bash Login Notification
I’ve also added the following line to the .bashrc to let me know of any logins.


echo 'ALERT - '$USER' shell access found on '$HOSTNAME' on:' `date` `who` | mail -s "Alert: User shell access" [email protected]

If you have any comments on the above I would love to hear them. Also, if you can think of anything else which might help, please let me know.

Kind Regards


Previous CDROM in KVM Guest
Next Install Ubuntu on acer n16q14

About author

You might also like

Ubuntu Dsicussions 0 Comments

[ubuntu_mate] Compiling CinePaint 1.0-4

Hi, right now I am trying to compile CinePaint 1.0-4 from source, but I am getting various error messages: https://claus-cyrny.net/wordpress/wp…nepaint_01.png My question: Does anyone know where I can get all

Ubuntu Dsicussions 0 Comments

Acer wireless mouse not working

It doesn’t appear to show up at all (i’ve rebooted and tried the wireless networks). I’m trying to install it manually and I’m up to here (see pic) Attached Images

Ubuntu Dsicussions 0 Comments

System recovery after a crash using Timeshift

Crashes happen, mostly from user incompetence (I mean me) and very rarely from hardware or software faults. Restoring a system to an earlier (functional) state is often not simple. The


No Comments Yet!

You can be first to comment this post!

Leave a Reply