[kwlug-disc] Tightening up SSH

Dave Cramer davec at visibleassets.com
Mon Jul 19 08:55:22 EDT 2010


On Mon, Jul 19, 2010 at 8:37 AM, Johnny Ferguson <hyperflexed at gmail.com> wrote:
> I'm relatively new to SSH, though I've come to love it very quickly.
>
> Recently I've been seeing a lot of activity in /var/log/auth.log (of the
> sshd sort). Sometimes 5 straight hours of brute force attacks. I've
> currently only whitelisted a single user. While I feel reasonably safe and
> nothing has cracked yet, I live in constant fear of my account getting
> cracked open, at which time it would take no more than:
>
> sudo rm -rf /
>
> SO, just wondering what advice anyone could offer on hardening SSH. I might
> be a little paranoid, but I think it's still in the range of being healthy.
>
> -Johnny
>

paranoid level

do not allow root login
only allow ssh keys to login

super paranoid

the above plus

do not allow remote root access

Dave




More information about the kwlug-disc mailing list