Skip to content

Commit d2cd541

Browse files
0xle0ne0xle0ne
committed
guide: secure your server with improved wording
1 parent f464dd8 commit d2cd541

File tree

1 file changed

+12
-12
lines changed

1 file changed

+12
-12
lines changed

docs/guides/infrastructure/secure-your-server.md

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -8,44 +8,44 @@ tags:
88
- guide
99
---
1010

11-
Below are the essential steps to secure your Next Hat server:
11+
This guide covers the essential steps to secure your Next Hat server.
1212

13-
## Create your user
13+
## Create a dedicated user
1414

15-
It is important to avoid using the root user for daily operations. Instead, create a new user with sudo and nanocl privileges.
15+
Avoid using the root account for daily operations. Instead, create a dedicated user with sudo and nanocl privileges.
1616

17-
Create a new user and it's home directory:
17+
1. Create a new user with a home directory:
1818

1919
```bash
2020
adduser your_username
2121
```
2222

23-
Add the new user to the sudo group:
23+
2. Add the user to the sudo group:
2424

2525
```bash
2626
usermod -aG sudo your_username
2727
```
2828

29-
Add the new user to the nanocl group:
29+
3. Add the user to the nanocl group:
3030

3131
```bash
3232
usermod -aG nanocl your_username
3333
```
3434

35-
Replace `your_username` with your desired username.
35+
Replace `your_username` with your preferred username.
3636

3737
## Set up SSH key authentication
3838

39-
To enhance security, disable password authentication and use SSH keys for logging in.
39+
For improved security, disable password authentication and use SSH keys instead.
4040

41-
1. Generate an SSH key pair on your **local machine** (if you haven't already):
41+
1. Generate an SSH key pair on your **local machine** if you haven't already:
4242

4343
```bash
4444
ssh-keygen -t ed25519
4545
```
4646

4747
:::caution
48-
DO NOT SET AN EMPTY PASSPHRASE FOR YOUR SSH KEY. SOME MALICIOUS ACTORS MAY STEAL YOUR PRIVATE KEY AND ACCESS YOUR SERVER.
48+
Never use an empty passphrase for your SSH key. If your private key is compromised, attackers could gain access to your server.
4949
:::
5050

5151
2. Copy the public key to your server:
@@ -60,14 +60,14 @@ ssh-copy-id -i ~/.ssh/<your_key>.pub your_username@your_server
6060
sudo vim /etc/ssh/sshd_config
6161
```
6262

63-
4. Find and modify the following lines:
63+
4. Locate and update the following lines:
6464

6565
```plaintext
6666
PasswordAuthentication no
6767
PermitRootLogin no
6868
```
6969

70-
5. Restart the SSH service:
70+
5. Restart the SSH service to apply the changes:
7171

7272
```bash
7373
sudo systemctl restart ssh

0 commit comments

Comments
 (0)