5 Basic practices for sysadmins


On the internet you’d hear hundreds of sysadmins expressing their own opinions regarding this, but here is my take on the basic practices for every sysadmin.

1. Don’t use plain-text passwords on SSH

Use a key pair for added security. I recommend using something like Krypton.

2. Block by default, allow conditionally

This is important. By default, block all connections in both directions. Then selectively allow the ports that you need (e.g. 22, 80, 443, etc.).

3. Update regularly

I can’t emphasize this more: every update is important. Make it a habit to update your servers at least once a month and keep an eye on various journals for security disclosures.

4. Make a disaster recovery plan

You never know when a vulnerability will strike you, so always prepare in advance. It’s very important to set up automated backups, failover and security audits in advance. This will save you from embarrassment later.

5. Always log out

This sounds really stupid but is very important. If you properly terminate sessions, then you’re making sure that nobody else can get into your leftover active session and use it as a gateway.

Additionally, it’s a good habit not to use full-access accounts and to use privilege escalation whenever higher authority is required, e.g. never use the root account; rather, set up a user and add it to the sudo group.

Got advice of your own? Leave it in the comments below.
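An added example (not part of the original post) that checks an sshd_config against the advice above on password logins and the root account. It relies on two OpenSSH behaviours: the first value read for a keyword wins, and absent keywords fall back to defaults that still allow passwords. The function names and sample configs are constructed for illustration; Include files and Match blocks are not evaluated.

```python
# Added example: audit the global section of an sshd_config text.
# Assumptions: Include files are not followed, Match blocks are skipped.

# OpenSSH defaults that apply when a keyword is absent.
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "permitrootlogin": "prohibit-password",
}
# Deprecated alias still found in older configs.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def effective_settings(config_text):
    """Return the effective global value of each audited keyword."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()  # "Key value" or "Key=value"
        if not parts:
            continue
        key = ALIASES.get(parts[0].lower(), parts[0].lower())  # keywords ignore case
        if key == "match":
            break  # everything below is conditional, not global
        if key in DEFAULTS and len(parts) > 1 and key not in seen:
            seen[key] = parts[1].lower()  # sshd keeps the first value it reads
    return {**DEFAULTS, **seen}


def audit(config_text):
    """Return a list of findings; an empty list means key-only, no root login."""
    s = effective_settings(config_text)
    findings = []
    if s["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is not 'no': password logins accepted")
    if s["kbdinteractiveauthentication"] != "no":
        findings.append("KbdInteractiveAuthentication is not 'no': PAM may still prompt for a password")
    if s["permitrootlogin"] != "no":
        findings.append("PermitRootLogin is '%s': root can log in directly" % s["permitrootlogin"])
    return findings


# Constructed samples. In WEAK the later "no" is ignored because the first value wins.
WEAK = "Port 22\nPermitRootLogin yes\nPasswordAuthentication yes\nPasswordAuthentication no\n"
HARDENED = "PasswordAuthentication no\nKbdInteractiveAuthentication no\nPermitRootLogin no\n"
```

Feed `audit()` the contents of `/etc/ssh/sshd_config`; a file with none of the three keywords set produces three findings, because the defaults apply.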


BTW, what are sysadmins, and what are they used for? Please try to expatiate on these terms, I don’t know them! :sob:


Sysadmin = System Administrator.

A person (or a group of persons, or a robot, or a group of robots) that administers the operation & maintenance of a system (usually a computer system or network system, but it can be any system).

Per Wikipedia:


OK! Grab it. Thanks!