EC2 instance safety instructions

  1. Add non-default user and add it to sudo group
    [bash]
    sudo adduser USERNAME
    sudo usermod -a -G sudo USERNAME
    # switch user
    su USERNAME
    [/bash]

  2. Edit /etc/ssh/sshd_config
    [bash]
    # change port to non-default port ie 3434
    # & add this port to your instance Security Groups > Inbound
    Port 3434

    # enable password authentication
    PasswordAuthentication yes

    # restart ssh
    sudo service ssh restart

    ###
    # make sure you can login with
    # your new username before continuing
    ###

    # disable root login without password by commenting:
    #PermitRootLogin without-password

    # restart ssh
    sudo service ssh restart
    [/bash]

  3. Secure MySQL isntallation
    [bash]sudo mysql_secure_installation[/bash]

  4. Reboot
    [bash]sudo reboot[/bash]
Advertisements