SSH

From Jon's Wiki
Revision as of 01:44, 7 April 2016 by Johnno

Harden your SSH: consider these settings in your /etc/ssh/sshd_config file.

PubkeyAuthentication yes
PasswordAuthentication no
PermitRootLogin no
PermitEmptyPasswords no
AllowUsers alice bob carol
X11Forwarding no
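
A way to check a config file against the settings listed above, as an added example that is not part of the original page. The function names audit_sshd_config and sample_weak_config are hypothetical, the sample config is constructed, and treating an unset keyword as a failure is an assumption of this example.

```shell
#!/bin/sh
# Added example (not from the original page): audit the global section of an
# sshd_config against the settings listed above.

# audit_sshd_config FILE: print one FAIL line per deviation; return 1 if any.
audit_sshd_config() {
    awk '
    BEGIN {
        bad = 0
        want["pubkeyauthentication"]   = "yes"
        want["passwordauthentication"] = "no"
        want["permitrootlogin"]        = "no"
        want["permitemptypasswords"]   = "no"
        want["x11forwarding"]          = "no"
        want["allowusers"]             = ""   # any explicit user list is accepted
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }         # comments and blank lines
    tolower($1) == "match"   { exit }         # Match blocks are not audited here
    {
        key = tolower($1)                     # keywords are case-insensitive
        if (!(key in want) || (key in seen)) next   # sshd keeps the first value
        seen[key] = 1
        if (key == "allowusers") {
            if (NF < 2) { print "FAIL allowusers is empty"; bad = 1 }
            next
        }
        val = tolower($2)
        if (val != want[key]) {
            printf "FAIL %s is \"%s\", expected \"%s\"\n", key, val, want[key]
            bad = 1
        }
    }
    # Assumption of this example: a keyword that is never set counts as a failure.
    END {
        for (k in want) if (!(k in seen)) { print "FAIL " k " not set"; bad = 1 }
        exit bad
    }' "$1"
}

# Constructed sample config (not from a real host).
sample_weak_config() {
    printf '%s\n' 'PubkeyAuthentication yes' 'PasswordAuthentication yes' \
        'PermitRootLogin prohibit-password' 'PermitRootLogin no' \
        'X11Forwarding no' 'Match User backup' '    PasswordAuthentication no'
}

tmp=$(mktemp)
sample_weak_config > "$tmp"
audit_sshd_config "$tmp" || echo "sshd_config deviates from the hardened settings"
rm -f "$tmp"
```

On a live host, `sshd -T` prints the effective configuration, defaults included, which a file-only check like this one does not see.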

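Use keys; it's the 21st century now. Also, you can tar-pit wankers trying to hammer their way in. This will drop anyone trying to connect more than three times in 30 seconds. Both rules are inserted at the top of INPUT with -I, so the DROP rule from the second command ends up above the --set rule and is evaluated first. Change eth0 to match your interface: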

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 3 -j DROP