Hello all.
I am Back and now we learn about ssh server and How To Secure ssh server on linux.
Oke lets go to Secure Our ssh Server.
[#] Change the Default Port
Default Port is 22
edit :
~ vi /etc/sshd/ssh_config
code :
Port 2222 => change here
[#] Disable root Login
code :
PermitRootLogin no => change here
[#] Limit User`s access SSH
code :
AllowUsers root johnny => add this
[#] Limit IP Binding
code :
ListenAddress 192.168.1.5
ListenAddress 202.54.1.5 => add this
[#] Configure Idle Log Out Timeout Interval
code :
ClientAliveInterval 300 => change here
ClientAliveCountMax 0
[#] Increase Key Strength
code :
ServerKeyBits 1024 => change here
[#] Disable Empty Passwords
code :
PermitEmptyPasswords no => change here
[#] Disable .rhosts Files
code :
IgnoreRhosts yes
[#] Firewall SSH Port
using iptables :
~ iptables -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
~ iptables -A RH-Firewall-1-INPUT -s 202.54.1.5/29 -m state --state NEW -p tcp --dport 22 -j ACCEPT
[#] use TCP Wrappers /network fileter
Intall TCP wrappers and edit :
~ vi /etc/hosts.allow
code :
sshd : 192.168.1.2 172.16.23.12
[#] Use Log Analyzer
~ apt-get install logwatch
~ vi /etc/logwatch/conf/logwatch.conf
then Restart your SSH service :P
thankz.
Title : How to Harden & Secure your SSH Server
Description : Hello all. I am Back and now we learn about ssh server and How To Secure ssh server on linux. Oke lets go to Secure Our ssh Server. ...
Description : Hello all. I am Back and now we learn about ssh server and How To Secure ssh server on linux. Oke lets go to Secure Our ssh Server. ...
0 Response to "How to Harden & Secure your SSH Server"
Post a Comment