Top 5 Things to do after intalling Trixbox: #1

Today I’ll start a series that I’ve been meaning to commit to writing for some time. The top 5 things to do after you finish installing Trixbox.

Trixbox 2.2 is now out, so if you’ve ever thought about setting up your own VoIP system I would strongly recommend giving Trixbox a try. The Trixbox forums provide a wealth of information, and there is some documentation available from the Trixbox project itself. However, most of the documentation focuses on the installation process, and does not provide a whole lot of information about what to do after your system is installed and running.

With this in mind, I’d like to share some of the things that I think are important to ensuring that your Trixbox system is running smoothly (and securely).

First things first — we need to lock down SSH.

If your not familiar with SSH, you should brush up on this remote connection method. Right out of the gate SSH is a more secure way of connecting to a Linux machine than alternatives like Telnet, but that doesn’t mean it’s perfect.

At a minimum, the following steps should be taken to improve SSH security:

  • Run SSH on an alternate port (the default is port 22).
  • Only use the SSH 2 protocol (SSH 1 is not as secure as 2)
  • Do not allow root logins via SSH (in fact, it’s a much better approach to only allow specifically named users to log in via SSH, but never root).
  • Use public key authentication, instead of passwords.

There are a number of other helpful tips and tricks available here.

Next up, we’ll walk through the process of backing up a Trixbox system and transferring the backup to a remote machine using scp and cron.