Useful Links
Computer Science
Operating Systems
Linux
Linux Security
1. Introduction to Linux Security
2. User and Group Management
3. Filesystem and Data Security
4. Mandatory Access Control (MAC) Frameworks
5. Network Security
6. System Auditing, Logging, and Monitoring
7. System Hardening
8. Advanced Security Topics
User and Group Management
User Account Administration
Creating Users
useradd Command
Default Settings Configuration
Customizing User Creation
Home Directory Setup
Shell Assignment
Modifying Users
usermod Command
Changing User Information
Managing User Groups
Account Status Management
Locking and Unlocking Accounts
Deleting Users
userdel Command
Removing User Files
Handling Orphaned Files
Backup Considerations
User Account Files
/etc/passwd Structure
/etc/shadow Structure
Password Field Formats
Security of Account Files
File Permissions and Ownership
User Environment Security
Shell Configuration Files
Environment Variable Security
PATH Security
Startup Script Security
Group Account Administration
Creating Groups
groupadd Command
Primary vs Secondary Groups
Group ID Assignment
Modifying Groups
groupmod Command
Renaming Groups
Changing Group IDs
Group Membership Management
Deleting Groups
groupdel Command
Impact on User Accounts
File Ownership Considerations
Group Files
/etc/group Structure
/etc/gshadow Structure
Group Password Security
Password Security
Password Policies
chage Command
Minimum and Maximum Age
Expiration Warnings
Forced Password Changes
Account Expiration
Password Hashing
DES Algorithm
MD5 Algorithm
SHA-256 Algorithm
SHA-512 Algorithm
bcrypt Algorithm
scrypt Algorithm
Argon2 Algorithm
Password Strength Enforcement
Complexity Requirements
Dictionary Attack Prevention
Password History
Reuse Prevention
Account Lockout Policies
Password Storage Security
Shadow File Protection
Hash Salt Usage
Timing Attack Prevention
Privileged Access Management
Root User Security
Risks of Root Access
Limiting Root Login
Root Password Management
Emergency Access Procedures
User Switching
su Command
Security Implications
Configuration Options
Logging and Auditing
Sudo Configuration
sudo Command Usage
Sudoers File Syntax
User and Group Specifications
Command Restrictions
Environment Control
Logging Configuration
Advanced Sudo Features
User Aliases
Group Aliases
Command Aliases
Host Aliases
Defaults Configuration
Timestamp Management
Pluggable Authentication Modules (PAM)
PAM Architecture
Module Types
Control Flags
Stacking Behavior
Return Value Handling
PAM Configuration
/etc/pam.d/ Directory
Service Configuration Files
Module Arguments
Include Directives
Common PAM Modules
pam_unix
pam_tally2
pam_faillock
pam_cracklib
pam_pwquality
pam_limits
pam_time
pam_access
PAM Security Considerations
Module Ordering
Bypass Prevention
Error Handling
Logging Configuration
Previous
1. Introduction to Linux Security
Go to top
Next
3. Filesystem and Data Security