|
Softwares          |
Main /
Securing-SSH-Service-Linux-Ubuntu-Redhat-ServerMain.Securing-SSH-Service-Linux-Ubuntu-Redhat-Server HistoryHide minor edits - Show changes to output Added lines 1-49:
(:Google1:) (:Googlemmmm:) *Securing SSH Service Linux Ubuntu Redhat Server We need to have ssh installed to secure it, for debian based distro we can install it using the command apt-get, apt-get install ssh will install ssh on the server for you. Some of the configuration files are as follows. [@ /etc/ssh$ ls -l total 160 -rw-r--r-- 1 root root 132839 2006-05-18 06:13 moduli -rw-r--r-- 1 root root 1423 2006-10-05 15:13 ssh_config -rw-r--r-- 1 root root 1909 2007-08-26 20:06 sshd_config -rw------- 1 root root 1192 2006-09-28 07:28 ssh_host_dsa_key -rw-r--r-- 1 root root 1119 2006-09-28 07:28 ssh_host_dsa_key.pub -rw------- 1 root root 1675 2006-09-28 07:28 ssh_host_rsa_key -rw-r--r-- 1 root root 399 2006-09-28 07:28 ssh_host_rsa_key.pub @] The file sshd_config should be modified to increase the security. *Make ssh listen on a given interface, if there are more than 1 interface. *Don't permit empty passwords. *Allow only certain users to have access to the machine. *Change the default port number, The default port number is 22, see http://www.iana.org/assignments/port-numbers *Protocall version 2 *Disabling root access will make the attacker's life harder. *X11 _only _ if needed *AllowUsers, AllowGroups, DenyUsers and DenyGroups directives helps you to control better who's going to have remote access to that box. *remote logins only from known/trusted hosts *Use sshd : IPaddress in /etc/hosts.allow and the line "sshd: ALL" in the /etc/hosts.deny *Enable keyfile based login (:Googlemm:) |