Difference between revisions of "SSH"

From Jon's Wiki

Revision as of 01:44, 7 April 2016

Harden your SSH: consider these settings in your /etc/ssh/sshd_config file.

PubkeyAuthentication yes
PasswordAuthentication no
PermitRootLogin no
PermitEmptyPasswords no
AllowUsers alice bob carol
X11Forwarding no
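
An added example, not part of the wiki page: a small shell check of the global section of an sshd_config-style file against the directives above, honouring sshd's rule that keywords are case-insensitive and the first occurrence of a keyword wins. The function names and the sample file are made up for illustration; Include files and Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example (not from the wiki page): check the global section of an
# sshd_config-style file against the directives listed above.

# effective_value FILE KEYWORD -> prints the value sshd would use.
# Keywords are case-insensitive and the FIRST occurrence wins.
effective_value() {
    awk -v want="$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blanks
        {
            line = $0
            sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
            if (!match(line, /[ \t=]/)) next    # keyword without argument
            key = tolower(substr(line, 1, RSTART - 1))
            val = substr(line, RSTART)
            sub(/^[ \t]*=?[ \t]*/, "", val)     # "Key value" or "Key=value"
            if (key == "match") exit            # conditional blocks not audited
            if (key == want) { print val; exit }
        }' "$1"
}

# audit_sshd_config FILE -> one FAIL line per deviation; returns 0 if clean.
audit_sshd_config() {
    bad=0
    for want in PubkeyAuthentication=yes PasswordAuthentication=no \
                PermitRootLogin=no PermitEmptyPasswords=no X11Forwarding=no; do
        key=${want%%=*}; exp=${want#*=}
        got=$(effective_value "$1" "$key")
        if [ "$got" != "$exp" ]; then
            echo "FAIL $key: want '$exp', found '${got:-unset}'"; bad=1
        fi
    done
    # AllowUsers is site-specific: only require that an allow-list exists.
    if [ -z "$(effective_value "$1" AllowUsers)" ]; then
        echo "FAIL AllowUsers: no allow-list set"; bad=1
    fi
    return "$bad"
}

# Constructed sample: the lower-case duplicate comes first, so it wins.
sample=$(mktemp)
cat > "$sample" <<'EOF'
PubkeyAuthentication yes
passwordauthentication yes
PasswordAuthentication no
PermitRootLogin no
PermitEmptyPasswords no
X11Forwarding=no
EOF
audit_sshd_config "$sample" || echo "sample config needs fixing"
rm -f "$sample"
```

On a real host, `sshd -T` prints the effective configuration and is the authoritative check.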

Use keys; it's the 21st century now. Also, you can tar-pit wankers trying to hammer their way in. This will drop anyone trying to connect more than three times in 30 seconds:

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 3 -j DROP