--- myst: html_meta: description: Security concepts and best practices for Ubuntu Server including authentication, cryptography, VPNs, and system hardening strategies. --- (explanation-security)= # Security There are many steps you can take to strengthen the security posture of your system. In this section you will find explanations of various concepts related to security. ## General configuration * {ref}`Introduction to security ` for a high-level overview of security in Ubuntu * {ref}`security-suggestions` provides general recommendations for any Ubuntu system, from straightforward setups to more advanced and complex systems ```{toctree} :hidden: intro-to/security security/security_suggestions ``` ## Authentication * {ref}`Introduction to Kerberos `, the network authentication system * {ref}`Introduction to SSSD `, the collection of daemons that handle authentication from various network sources * {ref}`About DNSSEC `, the security extension for the Domain Name System (DNS). ```{toctree} :hidden: intro-to/kerberos intro-to/sssd DNSSEC ``` ## Cryptography * {ref}`Our cryptography section ` explains in detail about the different cryptographic libraries and configurations you might encounter. * {ref}`Certificates ` are issued, stored and signed by a Certificate Authority (CA) to create trusted connections. ```{toctree} :hidden: cryptography Certificates ``` ## Virtual Private Network (VPN) VPNs are commonly used to provide encrypted, secure access to a network. * {ref}`Introduction to WireGuard VPN `, a popular and modern VPN implementation * {ref}`OpenVPN clients ` provides a list of client implementations that can be used with a GUI across platforms. ```{toctree} :hidden: intro-to/wireguard-vpn OpenVPN clients ``` ## See also * How-to: {ref}`how-to-security`