> > *Before you can "hardening a Debian server" you have to make a "normal"* > * Debian Server out of it...* > > * Login as root in the terminal (e.g. with putty from a win machine):* > * root@arm:~# adduser prz # add a new regular user with password* > * root@arm:~# deluser debian # remove the "Testuser"* > * root@arm:~# rm -rf /home/debian* > * root@arm:~# passwd # give root a real passwd* >
If a person can not figure this out on their own, they probably deserve to get rooted, or whatever else happens to them. Some would also argue removing root. Personally I would avoid apache2 unless absolutely necessary, as it is fairly large. But then again my own rootfs is only 137MB ( bare-fs ) On Fri, May 30, 2014 at 7:15 AM, Robert Nelson <robertcnel...@gmail.com> wrote: > On Fri, May 30, 2014 at 3:13 AM, Dieter Wirz <didi.w...@gmail.com> wrote: > > Before you can "hardening a Debian server" you have to make a "normal" > > Debian Server out of it... > > > > Login as root in the terminal (e.g. with putty from a win machine): > > root@arm:~# adduser prz # add a new regular user with password > > root@arm:~# deluser debian # remove the "Testuser" > > root@arm:~# rm -rf /home/debian > > root@arm:~# passwd # give root a real passwd > > > > At this point I propose to install a "real" like apache: > > root@arm:~# apt-get install apache2 > > > > Now you can check with a portsniffer e.g. nmap what ports are open on > > your BBB but now your system should be fairly secure > > btw, in the official Debian image on beagleboard.org/latest-images , > there is an "un-tweak" script that'll undo some of the ssh things we > did to make "easier" out of the box, but less secure then a default > install. > > cd /opt/scripts/un-tweak-image/ > ./debian-re-secure-root-ssh.sh > > > https://github.com/RobertCNelson/boot-scripts/blob/master/un-tweak-image/debian-re-secure-root-ssh.sh > > Regards, > > -- > Robert Nelson > http://www.rcn-ee.com/ > > -- > For more options, visit http://beagleboard.org/discuss > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to beagleboard+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to beagleboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
