How to Harden & Secure your SSH Server


Hello all.

I am Back and now we learn about ssh server and How To Secure ssh server on linux.

Oke lets go to Secure Our ssh Server.

[#] Change the Default Port

Default Port is 22

edit :
~ vi /etc/sshd/ssh_config

code :
Port 2222 => change here

[#] Disable root Login

code :
PermitRootLogin no => change here

[#] Limit User`s access SSH

code :
AllowUsers root johnny => add this

[#] Limit IP Binding

code :
ListenAddress 192.168.1.5
ListenAddress 202.54.1.5 => add this

[#] Configure Idle Log Out Timeout Interval

code :
ClientAliveInterval 300 => change here
ClientAliveCountMax 0

[#] Increase Key Strength

code :
ServerKeyBits 1024 => change here

[#] Disable Empty Passwords

code :
PermitEmptyPasswords no => change here

[#] Disable .rhosts Files

code :
IgnoreRhosts yes

[#] Firewall SSH Port

using iptables :
~ iptables -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
~ iptables -A RH-Firewall-1-INPUT -s 202.54.1.5/29 -m state --state NEW -p tcp --dport 22 -j ACCEPT

[#] use TCP Wrappers /network fileter

Intall TCP wrappers and edit :
~ vi /etc/hosts.allow

code :
sshd : 192.168.1.2 172.16.23.12 

[#] Use Log Analyzer

~ apt-get install logwatch
~ vi /etc/logwatch/conf/logwatch.conf

then Restart your SSH service :P

thankz.
Title : How to Harden & Secure your SSH Server
Description : Hello all. I am Back and now we learn about ssh server and How To Secure ssh server on linux. Oke lets go to Secure Our ssh Server. ...

0 Response to "How to Harden & Secure your SSH Server"

Post a Comment