You're currently viewing a stripped down version of our content.
View the full version with proper formatting.
Quote:In this article I'll show you some simple tricks to help you tighten security for your secure shell (SSH) service.
The SSH server configuration file is located in /etc/ssh/sshd_conf. You need to restart the SSH service after every change you make to that file in order for changes to take effect.
Change SSH listening port
By default, SSH listens for connections on port 22. Attackers use port scanner software to see whether hosts are running an SSH service. It's wise to change the SSH port to a number higher than 1024 because most port scanners (including nmap) by default don't scan high ports...
full article:
http://www.linux.com/article.pl?sid=07/03/26/1423232
More tips:
Quote:DenyHosts is a python script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).
Denyhosts acts as a dynamic blocker for SSH and other services. It relies on the /etc/hosts.deny and hosts.allow. It dynamically builds a list of hosts that repeatedly connect to your server. By default the service will block connections from IP sources that are repeated attempting to connect and access your host. The denyhosts process is configured in /etc/denyhosts.conf...
full article:
http://www.ubuntugeek.com/securing-ssh.html
A related how to:
Quote:Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place...
full article:
http://www.howtoforge.com/ssh-best-practices