01 — Bazinė sistema

Ubuntu 24.04 LTS bazinis setup nuo nulio.

Žingsniai

1. Sistema atnaujinama

sudo apt update && sudo apt upgrade -y
sudo apt install -y curl wget git unzip tar htop btop tmux ufw fail2ban \
  ca-certificates gnupg lsb-release

2. Administracinis vartotojas

adduser adminuser
usermod -aG sudo adminuser

3. SSH hardening

ssh-keygen -t ed25519 -C "kvm4-adminuser"
ssh-copy-id adminuser@<SERVER_IP>

/etc/ssh/sshd_config.d/99-hardening.conf:

PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
X11Forwarding no
AllowTcpForwarding no
AllowAgentForwarding no
MaxSessions 2
LogLevel VERBOSE

4. UFW ugniasienė

sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw limit 22/tcp
sudo ufw enable

5. Swap (4 GB)

sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
echo 'vm.swappiness=10' | sudo tee /etc/sysctl.d/99-swappiness.conf
sudo sysctl -p /etc/sysctl.d/99-swappiness.conf

6. Fail2ban

sudo systemctl enable --now fail2ban

7. Automatiniai atnaujinimai

sudo apt install unattended-upgrades -y
sudo dpkg-reconfigure unattended-upgrades

Po šio etapo — 02 — DayZ serveris

vmsa brain

Naršyklė

01 — Bazinė sistema

Žingsniai

1. Sistema atnaujinama

2. Administracinis vartotojas

3. SSH hardening

4. UFW ugniasienė

5. Swap (4 GB)

6. Fail2ban

7. Automatiniai atnaujinimai

Grafiko Vaizdas

Turinys

Atgalinės Nuorodos