cc_staff
172
edits
Security considerations when running a VM: Difference between revisions
Security considerations when running a VM (view source)
Revision as of 15:15, 13 July 2020
, 4 years agoUpdated the version of Ubuntu
No edit summary |
(Updated the version of Ubuntu) |
||
| Line 13: | Line 13: | ||
* Apply security updates on a regular basis (see [[Security considerations when running a VM#Updating your VM| updating your VM]]). | * Apply security updates on a regular basis (see [[Security considerations when running a VM#Updating your VM| updating your VM]]). | ||
* Avoid using packages from unknown sources. | * Avoid using packages from unknown sources. | ||
* Use a recent image; for example, don't use Ubuntu 14.04 when Ubuntu | * Use a recent image; for example, don't use Ubuntu 14.04 when Ubuntu 18.04 is available. | ||
* Use [https://docs.computecanada.ca/wiki/SSH_Keys SSH key] authentication instead of passwords. Cloud instances use SSH key authentication by default, and enabling password-based authentication is significantly less secure. | * Use [https://docs.computecanada.ca/wiki/SSH_Keys SSH key] authentication instead of passwords. Cloud instances use SSH key authentication by default, and enabling password-based authentication is significantly less secure. | ||
* Install [https://www.fail2ban.org fail2ban] to block [https://en.wikipedia.org/wiki/Brute-force_attack brute-force attacks]. | * Install [https://www.fail2ban.org fail2ban] to block [https://en.wikipedia.org/wiki/Brute-force_attack brute-force attacks]. | ||