documentation.suse.com / SUSE Linux Enterprise Desktop Documentation / Security and Hardening Guide / Network security
Applies to SUSE Linux Enterprise Desktop 15 SP5

Part III Network security

  • 21 X Window System and X authentication
  • 22 Securing network operations with OpenSSH
  • OpenSSH is the SSH (secure shell) implementation that ships with SUSE Linux Enterprise Desktop, for securing network operations such as remote administration, file transfers, and tunneling insecure protocols. SSH encrypts all traffic between two hosts, including authentication, to protect against eavesdropping and connection hijacking. This chapter covers basic operations, plus host key rotation and certificate authentication, which are useful for managing larger SSH deployments.

  • 23 Masquerading and firewalls
  • 24 Configuring a VPN server
  • Internet connections are easily available and affordable. However, not all connections are secure. Using a Virtual Private Network (VPN), you can create a secure network within an insecure network such as the Internet or Wi-Fi. It can be implemented in different ways and serves several purposes. In this chapter, we focus on the OpenVPN implementation to link branch offices via secure wide area networks (WANs).

  • 25 Managing a PKI with XCA, X certificate and key manager
  • Managing your own public key infrastructure (PKI) is traditionally done with the openssl utility. For admins who prefer a graphical tool, SUSE Linux Enterprise Desktop 15 SP5 includes XCA, the X Certificate and Key management tool (https://hohnstaedt.de/xca).

    XCA creates and manages X.509 certificates, certificate requests, RSA, DSA and EC private keys, Smartcards and certificate revocation lists (CRLs). XCA supports everything you need to create and manage your own certificate authority (CA). XCA includes customizable templates that can be used for certificate or request generation. This chapter describes a basic setup.

  • 26 Improving network security with sysctl variables
Documentation survey