YunoHost/doc
1
0
Fork 0
mirror of https://github.com/YunoHost/doc.git synced 2024-09-03 20:06:26 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'YunoHost:master' into master

Browse source
This commit is contained in:
Leandro Noferini 2024-02-04 10:57:01 +01:00 committed by GitHub
commit b389477bc3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 10 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
pages/02.administer/45.tutorials/60.security/security.fr.md
View file

@ -61,7 +61,8 @@ sudo yunohost settings set security.ssh.password_authentication -v no
### Modifier le port SSH
Pour éviter des tentatives de connexion SSH par des robots qui scannent tout Internet pour tenter des connexions SSH avec tout serveur accessible, on peut modifier le port SSH.
C'est géré par un paramètre système, qui se charge de configurer les services SSH et Fail2Ban.
C'est géré par un paramètre système, qui se charge de configurer les services SSH et Fail2Ban.
Il n'est pas utile de modifier ce port si vous avez désactivé l'authentification par mot de passe.
```bash
sudo yunohost settings set security.ssh.port -v <votre_numero_de_port_ssh>
@ -84,11 +85,13 @@ La configuration TLS par défaut des services tend à offrir une bonne compatibi
Changer le niveau de compatibilité n'est pas définitif et il est possible de rechanger le paramètre si vous concluez qu'il faut revenir en arrière.
**Sur votre serveur**, modifiez la politique pour NGINX :
```bash
sudo yunohost settings set security.nginx.compatibility -v modern
```
**Sur votre serveur**, modifiez la politique pour SSH :
```bash
sudo yunohost settings set security.ssh.compatibility -v modern
```

6
pages/02.administer/45.tutorials/60.security/security.md
View file

@ -51,12 +51,14 @@ Type your admnistration password and your key will be copied onto your server.
```bash
sudo yunohost settings set security.ssh.password_authentication -v no
```
---
### Modify the SSH port
To prevent SSH connection attempts by robots that scan the internet for any server with SSH enabled, you can change the SSH port.
This is handled by a system setting, which takes care of updating the SSH and Fail2Ban configuration.
This is handled by a system setting, which takes care of updating the SSH and Fail2Ban configuration.
There's no need to change this port if you've disabled password authentication.
! If you modify anything in the `/etc/ssh/sshd_config` file, even if only the port, YunoHost will no longer manage this file. For this reason, always use the YunoHost admin tools to make changes to the systems configuration files!
@ -81,11 +83,13 @@ The default TLS configuration for services tends to offer good compatibility to
Changing the compatibility level is not definitive and can be reverted if it doesn't fit with your environment.
**On your server**, change the policy for NGINX
```bash
sudo yunohost settings set security.nginx.compatibility -v modern
```
**On your server**, change the policy for SSH
```bash
sudo yunohost settings set security.ssh.compatibility -v modern
```

2
pages/02.administer/50.troubleshooting/10.admin_password/change_admin_password.it.md
View file

@ -22,5 +22,5 @@ Poi vai su Strumenti > Cambia password amministrazione.
```bash
yunohost tools adminpw
yunohost tools rootpw
```