https://blog.serviciosrogeliowar.com/en/tags/ssh/Recent content in Ssh on Servicios RogeliowarHugo -- gohugo.ioen© 2026 Rogelio Guerra RiverónTue, 19 May 2026 00:00:00 +0000https://blog.serviciosrogeliowar.com/en/posts/conectar-el-movil-a-ssh-desde-cualquier-lugar-con-wireguard-y-termius/Tue, 19 May 2026 00:00:00 +0000https://blog.serviciosrogeliowar.com/en/posts/conectar-el-movil-a-ssh-desde-cualquier-lugar-con-wireguard-y-termius/<h2 class="relative group">The Problem <div id="the-problem" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#the-problem" aria-label="Anchor">#</a> </span> </h2> <p>I needed to access my home server via SSH from my mobile phone without exposing it directly to the internet. The obvious options were bad: opening port 22 to the world is suicidal, and trusting third-party apps with root access didn&rsquo;t convince me. The solution that worked: WireGuard + Termius.</p> <h2 class="relative group">Why This Combination <div id="why-this-combination" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#why-this-combination" aria-label="Anchor">#</a> </span> </h2> <p>WireGuard is lightweight, fast, and consumes little battery on mobile devices. Termius is a polished SSH client that handles private keys well. Together, you have secure access without complications.</p>https://blog.serviciosrogeliowar.com/en/posts/hardening-servidores-linux/Fri, 01 May 2026 00:00:00 +0000https://blog.serviciosrogeliowar.com/en/posts/hardening-servidores-linux/<h1 class="relative group">Server Security Hardening: Essential Steps <div id="server-security-hardening-essential-steps" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#server-security-hardening-essential-steps" aria-label="Anchor">#</a> </span> </h1> <p>Having a server exposed to the Internet without minimal security configuration is leaving the door wide open. In this article, I&rsquo;ve compiled the steps I apply on my own servers to reduce the attack surface without complicating day-to-day management.</p> <h2 class="relative group">SSH: the first line of defense <div id="ssh-the-first-line-of-defense" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#ssh-the-first-line-of-defense" aria-label="Anchor">#</a> </span> </h2> <p>The SSH service is the most attacked entry point on any Linux server. These are the most important settings in <code>/etc/ssh/sshd_config</code>:</p>https://blog.serviciosrogeliowar.com/en/posts/fail2ban-para-proteger-ssh-y-nginx-configuracion-practica-en-ubuntu/Thu, 30 Apr 2026 00:00:00 +0000https://blog.serviciosrogeliowar.com/en/posts/fail2ban-para-proteger-ssh-y-nginx-configuracion-practica-en-ubuntu/<h2 class="relative group">The Problem: Brute Force Attacks <div id="the-problem-brute-force-attacks" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#the-problem-brute-force-attacks" aria-label="Anchor">#</a> </span> </h2> <p>After exposing my Ubuntu server to the internet, I spent a night reviewing logs. SSH received failed login attempts every second. Nginx also had suspicious requests to common routes. I needed something to block these attempts automatically. Fail2ban was my solution.</p> <h2 class="relative group">Installation <div id="installation" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#installation" aria-label="Anchor">#</a> </span> </h2> <div class="highlight-wrapper"><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt update </span></span><span style="display:flex;"><span>sudo apt install fail2ban </span></span><span style="display:flex;"><span>sudo systemctl start fail2ban </span></span><span style="display:flex;"><span>sudo systemctl enable fail2ban</span></span></code></pre></div></div> <p>Verify that it&rsquo;s running:</p>https://blog.serviciosrogeliowar.com/en/posts/autenticacion-ssh-por-clave-publica-desactivar-contrasenas-en-ubuntu-server/Thu, 30 Apr 2026 00:00:00 +0000https://blog.serviciosrogeliowar.com/en/posts/autenticacion-ssh-por-clave-publica-desactivar-contrasenas-en-ubuntu-server/<h2 class="relative group">Why Switch to Key-Based Authentication <div id="why-switch-to-key-based-authentication" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#why-switch-to-key-based-authentication" aria-label="Anchor">#</a> </span> </h2> <p>After months of maintaining a home server with open SSH access, I got tired of brute force password attacks. Switching to public key authentication was the best security decision I made. Keys are mathematically impossible to crack through brute force, while passwords are always a target.</p> <h2 class="relative group">SSH Key Generation <div id="ssh-key-generation" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#ssh-key-generation" aria-label="Anchor">#</a> </span> </h2> <p>First, generate a key pair on your local machine (not on the server):</p>