Student Name: Mehedi Hasan Rakib
Student ID: A00022820
Module: CMPN202 – Operating Systems
This week focuses on deploying the Ubuntu Server and implementing foundational security controls. All system administration tasks were performed remotely via SSH from the Windows workstation, enforcing command-line proficiency and professional remote administration practices. The objective is to secure access, restrict privileges, and protect the server from unauthorised access.
To follow the principle of least privilege, a non-root administrative user was created. Direct root login was avoided to reduce security risk.
bash sudo usermod -aG sudo student
groups student
Key-based authentication was implemented to replace password-based login, significantly improving SSH security.
ssh-keygen -t ed25519
ssh-copy-id student@192.168.56.102
ssh student@192.168.56.102
The SSH daemon configuration was hardened to reduce the attack surface.
sudo nano /etc/ssh/sshd_config
PermitRootLogin no PasswordAuthentication no PubkeyAuthentication yes
sudo systemctl restart ssh
A firewall was configured to restrict access and protect the server.
sudo ufw enable
sudo ufw allow from 192.168.56.1 to any port 22
sudo ufw default deny incoming
sudo ufw status verbose
All configuration tasks were executed remotely via SSH from the Windows workstation. Successful connections using key-based authentication confirmed that the SSH hardening and firewall rules were correctly applied.
This week reinforced the importance of secure access control and least-privilege administration. Disabling root login, enforcing SSH key-based authentication, and restricting firewall access significantly reduced the system’s attack surface. Performing all configuration tasks remotely strengthened my command-line proficiency and reflected industry-standard server administration practices.