Securing Your Instance

Securing your instance using fail2ban and ufw

Depending on your setup, adding basic security to your instance is a good first step.

We will install and configure fail2ban and ufw.

This guide assumes you are logged in as a non-root user. If you are logged in as root, drop the sudo prefix.

sudo apt update
sudo apt install fail2ban
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
sudo apt install ufw
sudo ufw allow ssh
sudo ufw enable

Fail2ban will block IP addresses that continuously attempt to connect to your machine in the hopes of finding a weak password, for example.
ufw is a firewall management tool that blocks all ports unless allowed.

ufw with default settings will not block traffic to Docker. In case you plan to run Docker containers on your instance, please make sure to configure your firewall rules appropriately.

That's all. Your instance is now protected against common automated login attempts.

Check firewall and Fail2ban status:

sudo ufw status
sudo fail2ban-client status
sudo fail2ban-client status sshd

You might be surprised how many bad actors are trying to obtain access to your server!

Connecting to JupyterLab securely (SSH port forwarding)

If you run JupyterLab on the instance, forward the port over SSH. The default Jupyter port is 8888.

Run:

ssh -L 8888:localhost:8888 <username>@<instance_public_ip>

Then open http://localhost:8888 in your browser.

If you only have root enabled:

ssh -L 8888:localhost:8888 root@<instance_public_ip>

PreviousSet up a CPU or GPU instance NextShutdown and Delete

Last updated 9 days ago

Was this helpful?

hashtagConnecting to JupyterLab securely (SSH port forwarding)

Connecting to JupyterLab securely (SSH port forwarding)