2023-10

Apache2 InstallAllow http:80 port and https:443 port in UFW first.3 Apache2 : Using Perl ScriptsEnable CGI to make Perl scripts available①Perl Install4 Apache2 : Using PHP Scripts①PHP Install5 Apache2 : Virtual Host Settings①Copy the default configuration file (file name is arbitrary, in this case vhost-yourdomain.conf as an example) and configure the virtual host6. Digest authentication with Apache2Since Basic Authentication, a well-known authentication authentication method for http, transmits authentication information in plain text, there is a risk of ID and password leakage if the packet is intercepted.On the other hand, Digest Authentication encrypts the authentication information and sends it in encrypted form, so there is almost no risk of information leakage.

1.Install NTP server2. Install FTP server vsftpd2.1Installation and configuration①Install2.2 Vsftpd Over SSL/TLS①Create a self-signed certificate.If you are using a trusted, legitimate certificate such as Let's Encrypt, you do not need to do this work.3. File server installation with SambaBuild a file server with access rights that requires user authentication with Samba.Installation Procedure(1) Create a shared folder with access rights that requires user authentication.(2) Create a group with access rights(3)Create users belonging to groups that can be accessed(4)Edit configuration file

SSH connection with authentication using public key cryptography Creation of public and private key pairsCreate a public/private key pair for a user connecting to the Linux server using OpenSSH.Use ssh-keygen to create key pairs.This time, we will create a key set using the RSA cipher used in the SSH protocol Version 2.Creation of public/private key pairs is performed with remote login user privileges (huong).If you do not specify the destination and file name, id_ed25519,id_ed25519.pub will be created in /home/huong/.ssh/. On the way, enter the password for the key.

1. SSH Service Security SettingsThe SSH service allows the root user to log in by default, and since the root user already knows the user name and can log in to the server with administrative privileges once the password is known, we will deny this setting.1.1 Creating a General UserIf you have created a general user when installing Ubuntu 23, this procedure is not necessary.If you have already created a user at the time of OS installation, this procedure is not necessary. If you have already created a user during OS installation, this procedure is not necessary.2. Firewall SettingsUbuntu often uses software called "ufw" to configure the firewallUFW is installed when the OS is installed.Here are the steps to configure minimal filter settings after installation.

1. Set root password and use SU commandIn the default configuration of Ubuntu, the root user is unavailable because no password has been set.By setting a password for the root user, transitions using the traditional [su] command will be possible.3. Make locate command availableThe find command is often used to search for specific files throughout the Linux system, but find is somewhat confusing in terms of specifying options.The locate command can extract all files with a specified filename.5. Network Settings5.1 Host Name SettingsThis procedure is not necessary if you have already set the hostname at the time of Ubuntu installation and wish to use the hostname as it is.To change the hostname, use the "hostnamectl set-hostname" command.As an example, we set "ubuntu-10" as the hostname.5.2 Set IP address to network interfaceIf a fixed IP address was specified during Ubuntu installation, this section is not necessary.To change the IP address, change the " /etc/netplan/00-installer-config.yaml" file, and then restart the network interface (enp0s3 in this environment).The network interface name will change depending on the environment in which the setup was performed, so check the interface name first.