Difference between revisions of "Mesh/Server security"

← Older edit

Mesh/Server security (view source)

Revision as of 12:08, 28 November 2017

807 bytes added , 12:08, 28 November 2017

added link to Cryptoparty page for end users

Tunabananas

Bureaucrats, oversight, Administrators

1,194

edits

@@ Line 1: / Line 1: @@
-This document attempts to outline some of the steps that have been taken to enhance the security of sudomesh servers.
+This document attempts to outline some of the steps that have been taken to enhance the security of sudomesh servers. For more info on end-user security best practices, such as encrypted email and using VPNs, see the many resources available at the [[Cryptoparty]] page.
 = Automatic updates =
@@ Line 7: / Line 7: @@
    aptitude update && aptitude safe-upgrade
-= cron-apt =
+We use one of the following methods to set up automatic security upgrades.
+= unattended-upgrades method =
+Install and configure the unattended-upgrades package.
+ aptitude update && aptitude install unattended-upgrades
+ dpkg-reconfigure -plow unattended-upgrades
+Edit the file /etc/apt/apt.conf.d/50unattended-upgrades and make sure it contains a section like this:
+ Unattended-Upgrade::Allowed-Origins {
+         "${distro_id}:${distro_codename}-security";
+ //      "${distro_id}:${distro_codename}-updates";
+ //      "${distro_id}:${distro_codename}-proposed";
+ //      "${distro_id}:${distro_codename}-backports";
+ };
+= cron-apt method =
 cron-apt is installed and set up to automatically download and install security updates once every 24 hours.
-cron-apt is installed:
+cron-apt and anacron are installed:
-   aptitude install cron-apt
+   aptitude install cron-apt anacron
 then it is disabled in cron.d since we want to use anacron instead:

Difference between revisions of "Mesh/Server security"

Mesh/Server security (view source)

Revision as of 12:08, 28 November 2017

Navigation menu

Search