Securing Your Instance

Securing your instance using fail2ban and ufw

Depending on your setup, adding basic security to your instance is a good first step.

We will install and configure fail2ban and ufw.

This guide assumes you are logged in as a non-root user. If you are logged in as root, drop the sudo prefix.

sudo apt update
sudo apt install fail2ban
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
sudo apt install ufw
sudo ufw allow ssh
sudo ufw enable
  • Fail2ban will block IP addresses that continuously attempt to connect to your machine in the hopes of finding a weak password, for example.

  • ufw is a firewall management tool that blocks all ports unless allowed.

circle-exclamation

That's all. Your instance is now protected against common automated login attempts.

Check firewall and Fail2ban status:

sudo ufw status
sudo fail2ban-client status
sudo fail2ban-client status sshd

You might be surprised how many bad actors are trying to obtain access to your server!

Connecting to JupyterLab securely (SSH port forwarding)

If you run JupyterLab on the instance, forward the port over SSH. The default Jupyter port is 8888.

Run:

Then open http://localhost:8888 in your browser.

If you only have root enabled:

Last updated

Was this helpful?