How to secure your SSH server
|
|
I came across this interesting post about how to secure your SSH without changing the SSH listening port.
Things that the post author suggested are :
- Enforce the use of secure and hard to guess password
- Disable login by password, use Public Key Authentication for greater security.
- Allow SSH connection from trusted network only.
- Implement Port Knocking – http://www.linuxjournal.com/article/6811
- Use iptables RECENT match to filter SSH scanners
Personally I’ve enabled public-key authentication and SSH scanner filter to secure my server at the advice of my friend from a local security firm. Although, I haven’t tried the port knocking method yet, it seems interesting to know that ‘secret port knocking’ pattern also exists in computer security (remember ali baba?)
Hopefully this post will serve as a reminder to myself and those who read them, ah oh, most of this post content are lifted shamelessly from False sense of security
[tags]ssh,iptables,ubuntu,debian,security, port knocking,nmap, security scanners,exploit[/tags]
http://blog.drinsama.de/erich/en/linux/2007021502-false-sense-of-security
Keep updated with the latest posts, be a part of over 1,000 subscribers! : 
Subscribe to your email
You might also want to read...
- Limiting the number of connections to SSH Server using Iptables
- How to restrict or allow SSH access to certain users only in Linux
- How to Secure SSH server from Brute-Force and DDOS with Fail2ban ( Ubuntu )
- Secure your WordPress installation now, avoid from being compromised
- How to Setup SSH public-key or password-less authentication in Ubuntu
- Iptables rule to safeguard SSH server from crackers
- Please update/patch and secure Litespeed web server
Leave a Comment