how do i secure sshd?
I'm running sshd so I can login to my computer remotely, but have absolutely no idea how to start securing it, and haven't taken any security measures...any ideas? Links?
|
here's a couple basic things you can get started with...
make sure you only allow protocol 2 and don't allow root logins... in your /etc/ssh/sshd_config: Code:
Protocol 2 Code:
PermitRootLogin no Code:
Port 2299 |
www.google.com/linux is a good friend. Proof:
http://www.linux.org/docs/ldp/howto/Security-HOWTO/ http://www.siliconvalleyccie.com/lin...ssh-server.htm http://www.ibiblio.org/pub/Linux/doc...HOWTO.html#ssh That should help a bit. Later :D :D :D :D |
In your sshd_config file:
1) PermitRootLogin no 2) AllowUsers list_of_users_who_can_ssh 3)Use PublicKey authentication and disable pass auth. PasswordAuthentication no PermitEmptyPasswords no 4) StrictModes yes 5) Use Only protocol 2 6) Use iptables to restrict the IPs from where somebody can ssh to your server 7) Eventually run ssh on a port other than 22 5)You can also use port knocking ( www.portknocking.org ) |
And keep you sshd up to date. Visit their site and see when new versions come out.
|
All times are GMT -5. The time now is 04:14 PM. |