Server operating systems come with many advancements, which provide the functionality to monitor users’ activities, automatically monitor the resources, and monitor network resources. The Ubuntu Server 22.04, is the latest and the most popular server operating system due to its universal performance and security features. The latest security patches aid make it hard to compromise the vulnerabilities, but some security measures must be carried out.

Quick Answer

To secure your Ubuntu Server, run sudo apt-get update && apt-get upgrade to install patches, disable root SSH login in /etc/ssh/sshd_config, change the default SSH port, and monitor running services with service --status-all.

How to Secure Your Ubuntu Server?

Every system that is connected to the Internet has some vulnerabilities. These vulnerabilities can compromise the security of the systems. The servers are the most important for any organization because all the confidential files are stored and shared through a server. It has been observed many times that the loss of information due to a lack of security has generated a major loss. It is a good practice to secure the servers so that we can minimize the risk of vulnerabilities. If you have installed Ubuntu Server 22.04, follow these steps to secure it:

Install Updates

The process of installing updates regularly can mitigate many existing vulnerabilities. The developers work on the existing bugs regularly and release security patches to cope with the existing bugs. In order to update the system, execute the following command:

$ sudo apt-get update

The command will install the updates:

Terminal output of sudo apt-get update on Ubuntu Server 22.04

After the installation, upgrade the system, and type the following command in the terminal:

$ sudo apt-get upgrade

The command will upgrade all the packages that are required to be upgraded:

Terminal output of sudo apt-get upgrade on Ubuntu Server 22.04

Root Account Privileges

There must be only the root user to have root privileges. If you want to check out the accounts that have the root privileges type the following command in the terminal:

$ awk -F: '($3 == "0") {print}' /etc/passwd

The command displays the users with the root privileges:

Terminal output of awk command showing root privilege accounts on Ubuntu Server 22.04

SSH Configuration

In the servers, the Secure Socket Shell (SSH) has an important role. All the incoming and outgoing network traffic interacts with the SSH. We can minimize the chance of any network attack by configuring the SSH. Type the following command and open the configuration file in the nano text editor:

$ sudo nano /etc/ssh/sshd_config

The command will open the configuration file in nano text editor. Find the line “PermitRootLogin no“, and comment out it, by removing the “#” in the beginning. It will disable the Root Login permission to the SSH.

nano editor showing sshd_config with PermitRootLogin no on Ubuntu Server 22.04

In the next step, find the line “AllowUsers” in this file and comment it out also, by removing the “#” symbol, and we allow the root user only. For this purpose type the name of the root user and save the file. This process will change the permissions for the SSH.

nano editor showing sshd_config with AllowUsers root on Ubuntu Server 22.04

Now, we’ll also change the default port, find “Port” and change it accordingly. The default port number has the value 22. It is suggested to change it. Change the value of the default port number, save the file by pressing “Ctrl + O“, and press the Enter key:

nano editor showing sshd_config with default SSH port setting on Ubuntu Server 22.04

Locate the line “PermitEmptyPasswords no” and comment out the line. This will specify that no user can log in without passwords. Every user must be able to log in with the correct login credentials. Save the file and close the configuration file:

nano editor showing sshd_config with PermitEmptyPasswords no on Ubuntu Server 22.04

In the next step, we will restart the SSH service by typing the following command:

$ sudo service ssh restart

The command will start the SSH services with the new configuration settings:

Terminal output of sudo service ssh restart on Ubuntu Server 22.04

Monitoring Services

Services are the tasks that are in running state or being executed. You can monitor the services by listing them down. You can monitor the activities of different users connected to the server through the network by listing down the services. The activities that are performed by the users of the server are managed by log files. These log files can be listed by opening services in the terminal. If you want to monitor services that are running, you can list them down by typing the following command in the terminal:

$ service --status-all

The command will list down all the services:

Terminal output of service --status-all listing all services on Ubuntu Server 22.04

If you want to view only the services that are in running state, type the following command:

$ service --status-all | grep "[+]"

The command will display only tasks that are running on your server:

Terminal output of service --status-all grep showing running services on Ubuntu Server 22.04

By following these steps, you can advance the security measures on your Ubuntu Server 22.04.

Related Linux guides