Image: Jack Wallen
So you just installed Ubuntu Desktop 18.04. You're probably assuming that desktop is already pretty secure. That assumption is, for the most part, correct. However, we all know that any computer connected to a network is insecure. We must always do everything we can to secure those desktops. Although out of the box, a Ubuntu desktop is going to be exponentially more secure than, say a Windows desktop, that doesn't mean you shouldn't take extra steps to secure it.
SEE: Information security policy template download (Tech Pro Research)
In fact, there's one particular step you can take, as soon as that desktop is deployed, to make it more secure. That step is to enable the firewall. That's right, you read between those lines. Out of the box, the Ubuntu Desktop firewall (aka Uncomplicated Firewall - or ufw) is inactive. I know, crazy right? Don't believe me? Check out Figure A.
Figure A
The firewall is inactive.
Issuing the command sudo ufw status indicates that the firewall on a fresh Ubuntu Desktop 18.04 installation is inactive. Fortunately, activating that is pretty simple.
Activating the firewall
In order to activate the UFW firewall, issue the command:
sudo ufw enable
At this point, the firewall is active and will also start on a system reboot (Figure B). However, there's one tiny issue: The firewall is now running and blocking all incoming traffic.
Figure B
Our firewall is now running.
Enabling SSH connections
Say, for example, you need to remote into that desktop (for admin or other reasons). You'll most likely use SSH to gain access, but with the basic firewall setup, SSH connections are denied. In other words, you need to allow for secure shell connections into the desktop. To do this, you can make use of the ufw command like so:
sudo ufw allow ssh
You should see the rule has been added (Figure C).
Figure C
Our new rule has been added.
At this point, you can now secure shell into the desktop machine. Of course, to make SSH connections more secure, always use SSH Key Authentication.
And that's it. Your Ubuntu Desktop is now much more secure . Of course, this does not cover everything. There are quite a number of other steps you can take to better secure your Ubuntu Desktop (using a more secure web browser, encrypting data, limit access to the su command, using DNS-over-TLS, and much more). But for those looking for a quick secure fix, you cannot go wrong with enabling the firewall on the Ubuntu Desktop.
Open Source Weekly Newsletter
You don't want to miss our tips, tutorials, and commentary on the Linux OS and open source applications. Delivered Tuesdays
Sign up today
0 Comments