how do i secure sshd?
 

I'm running sshd so I can login to my computer remotely, but have absolutely no idea how to start securing it, and haven't taken any security measures...any ideas? Links?

here's a couple basic things you can get started with...

make sure you only allow protocol 2 and don't allow root logins...

in your /etc/ssh/sshd_config:

also, it's not a bad idea to run sshd on a non-default port so that spiders and script kiddies scanning for open 22/TCP ports don't run into you so easily... for example:

just my two cents...

www.google.com/linux is a good friend. Proof:

http://www.linux.org/docs/ldp/howto/Security-HOWTO/

http://www.siliconvalleyccie.com/lin...ssh-server.htm

http://www.ibiblio.org/pub/Linux/doc...HOWTO.html#ssh

That should help a bit.

Later

:D :D :D :D

In your sshd_config file:


1) PermitRootLogin no

2) AllowUsers list_of_users_who_can_ssh

3)Use PublicKey authentication and disable pass auth.

PasswordAuthentication no
PermitEmptyPasswords no

4) StrictModes yes

5) Use Only protocol 2

6) Use iptables to restrict the IPs from where somebody can ssh to your server

7) Eventually run ssh on a port other than 22

5)You can also use port knocking ( www.portknocking.org )

And keep you sshd up to date. Visit their site and see when new versions come out.