1. Forum
  2. Usenet
  3. LINUX.DEBIAN.DEVEL

  • ufw (was Re: Debian openssh option review: considering splitting out GS

    From Holger Levsen@21:1/5 to Marc Haber on Sat Apr 6 09:50:36 2024
    On Thu, Apr 04, 2024 at 01:32:11PM +0200, Marc Haber wrote:
    So you have dedicated packet filters on every machine you run, even if
    sshd is the only network-facing service?

    on most machines and it was as simple as doing:

    apt install ufw
    ufw allow ssh
    ufw enable

    voila, done. rules configured like above end up in /etc/ufw/user.rules and user6.rules. quite simple, quite nice.


    --
    cheers,
    Holger

    ⢀⣴⠾⠻⢶⣦⠀
    ⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
    ⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
    ⠈⠳⣄

    Kinda weird that we’re all gonna experience climate change as a series of short, apocalyptic videos until eventually it’s your phone that’s recording.
    (@shocks)

    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAmYOlGEACgkQCRq4Vgaa qhyWbA//eFSUytDg1M6/xtPbIvTK8JnL43hwyun8owgjdqadWZKnshftADfkt/7l gHp8Hd9NAVPJwVgs+G8pkVex1An9bumQebsgFGiTXbrMHzWAOYXAupH5R3If3JZ1 k/nkvXkt8eeeLiDlZr5pGGgbqjVSeJreGcP4hPYbwJ8f+HTlTHxmfJZQ6Qyt6ck9 Gowf0HkhhAGmOADVi07E4rCDHJfrFnaQMcUW38izwTuupWmPvYBlVSG27MX6vJJC 26yJDdR+h7S3wdr0c3Gz2pk3JnxQYjdKGf1eNZFnkGpgV1dS03IreOVjSPue13Ul +uGFSgVpfzRSc+h1TG3hTSq5G8bRgmadjtXPskziloFHq0hUCQfoJChmn3vMIWY6 44dcXbGHaKonWCtCZS3xt8Nn/4z/mXeCTQ8MkR+4HmYx+rTtQpsCBKHJVonM4uO3 RV3/1/3tPeMnvHzzzWKeNCNh4g7vrGJuof08FkGGvhCakbZ3N2XygSNwCpwqmG4y
    22tOfs/GM+