💡
COTI FAQ
  • 💡COTI FAQ
  • 🎁135000 COTI GIVEAWAY
  • NFT Projects
  • Giveaway Details
  • Participating NFTs
  • Prizes
  • 🏢COTI
    • Introduction
    • The COTI foundation
    • COTI V2
      • Introduction
      • COTI V2
      • Use Cases
      • Garbling Protocol
      • Roadmap
      • Information for Developers
    • Programs
      • Ambassadors Program
      • Builders Program
      • Creators Program
    • Contact and Channels
      • Official Contact
      • Unofficial Channels and Bots
  • 🔵COTI coin
    • COTI Tokenomics
    • Exchanges
    • Bridge and ERC20 COTI
      • ERC20 COTI
      • Bridge: V1 -> V2
      • Bridge: Native V2 <--> ERC20
  • 👛Treasury
    • Treasury: General Information
    • Treasury deposits
      • Deposit COTI
      • Withdraw COTI
      • Deposit gCOTI
      • Withdraw gCOTI
      • APY and health factor top up calculator
      • gCOTI APY boost
      • APY boost calculator
      • Two Factor Authentication
    • Treasury Fees
  • 🟢gCOTI
    • gCOTI
      • gCOTI Tokenomics
      • How to get gCoti
    • Utility
      • gCOTI APY boost
        • gCOTI APY boost
        • APY boost calculator
        • Deposit gCOTI
        • Withdraw gCOTI
      • Governance
      • Liquidations (planned)
    • gCOTI fees
    • Contracts
      • gCOTI on COTI
      • ERC20 gCOTI
    • Contracts and bridge
      • Bridge: V1 -> V2
      • Native V2 <--> ERC20
  • 💰Djed and Shen
    • DJED
      • DJED
      • Types of stablecoins
      • Overcollateralization
      • Minting and Burning
      • DJED on BNB chain
    • SHEN
      • SHEN and its Rewards
      • Minting and Burning
    • Exchanges
  • 💻Node operation
    • Setup
      • Requirements and Setup
      • Node security
    • Maintenance
      • Monitoring
      • Updates
    • Mobile connection
Powered by GitBook
On this page
  1. Node operation
  2. Setup

Node security

PreviousRequirements and SetupNextMaintenance

Last updated 1 month ago

Always backup your server before making changes in case anything goes wrong!

A) SSH Keys: (Make sure to complete the step in which you copy your SSH key to the other Ubuntu username you created during setup - this will be necessary to disable root login later.)

B) Change SSH Port:

In Ubuntu 24.04. use these commands to use the SSH service

systemctl daemon-reload
systemctl restart ssh.socket

C) Ubuntu Pro and Livepatch:

D) Fail2ban: (Ubuntu pro has already been activated if you followed the instructions in C)

E) Disable root login:

1.) Log in with root access (username: root)

2.) Set a password for the Ubuntu user you created during setup. (If you are unsure create a new user with the instructions at the bottom of the page and then continue with step 3.) Replace USERNAME with the actual username. Hit Enter, type in the password and hit enter again. From now on you need to enter this password if you want to perform a command that needs root access.

passwd USERNAME

3.) Type in:

sudo nano /etc/ssh/sshd_config

4.) Look for "PermitRootLogin" (CTRL+W - type in PermitRootLogin - Enter). Then change yes to no.

5.) Save (CTRL+X), y, Enter

6.) Restart the sshd service:

sudo systemctl restart sshd

7.) Check if root access with your other user name works. Switch to your other user. (Replace USERNAME with the actual username).

su - USERNAME

8.) Verify that this user has superuser privileges:

sudo ls -la /root

If this worked, continue with step 9. If this didn't work, add your new user to the sudo group to get superuser privileges (replace USERNAME with the actual username).

usermod -aG sudo USERNAME

9.) Now the root login is not possible anymore. You need to login with your username, and once logged in you need to enter your password if you want to get root access.

-------------------------------------------------------------------------------

If the above steps didn't work you can also create a new user and add it to the sudo group.

1.) Log in with root access (user: root)

2.) After typing this in, follow the instructions (you can also just press Enter), replace USERNAME with your preferred username:

sudo adduser USERNAME

3.) Add your new user to the sudo group to get superuser privileges (replace USERNAME with the actual username):

usermod -aG sudo USERNAME

4.) Copy the SSH keys to your new username by copying and pasting the whole code below. When asked, type in the new username you have just created:

sudo wget https://raw.githubusercontent.com/Geordie-R/CopyRootSSH/master/copyrootssh.sh && sudo chmod +x copyrootssh.sh && sudo ./copyrootssh.sh && sudo rm copyrootssh.sh

5.) Then continue with step 2 (set password for new username) from the instructions above

💻
https://geordie-r.medium.com/coti-node-hardening-guide-part-1-53663af71abf
https://geordie-r.medium.com/coti-node-hardening-guide-part-2-78169c6d064f
https://coti.nebula-tech.io/knowledgebase/ubuntu-pro
https://geordie-r.medium.com/coti-node-hardening-guide-part-3-badaae9e1d77