Skip to content
First things first. Immediately after logging in via ssh I changed the default root password and installed fail2ban to slow down ssh brute forcing. Then I created user for myself and added my ssh keys. Next up ware ssh configs: disabling root login, password authentication and changing the default port - the usual stuff. Last piece of essential security stuff was enabling automatic security updates with unattended-upgrades package. Right after security comes ease of use so just incase I ever need to login via a miserable mobile connection I installed mosh.