[kwlug-disc] Tightening up SSH
hyperflexed at gmail.com
Mon Jul 19 08:37:38 EDT 2010
I'm relatively new to SSH, though I've come to love it very quickly.
Recently I've been seeing a lot of activity in /var/log/auth.log (of the
sshd sort). Sometimes 5 straight hours of brute force attacks. I've
currently only whitelisted a single user. While I feel reasonably safe
and nothing has cracked yet, I live in constant fear of my account
getting cracked open, at which time it would take no more than:
sudo rm -rf /
SO, just wondering what advice anyone could offer on hardening SSH. I
might be a little paranoid, but I think it's still in the range of being
P.S. How do 2 machines determine an encryption key and communicate this
to each other without giving the key away? Are there any good articles on
how SSH works and what potential vulnerabilities are?