Security paranoia: restricting ssh access

I am going to set-up a little server at my home and I am learning stuff about how to prevent hacker parties inside while it is running. I think that since now I’ve made an acceptable work (I just set up two firewalls in front of it, and got other precautions), but prudence is never too much.
The latest interesting stuff found on this topic is about gaining control over ssh connections, avoiding dictionary attacks, and other problems: for example – also ssh can have bugs – disallowing root from login is always good thing. Really nice hints comes from Security Paranoia – restricting ssh access blog by Tony Lawrence.
Due to this useful information, I just subscribed his weblog. Great stuff!

Update:

Other things that could be done:

Disable password authentication commenting out UsePAM (by default is set to no):
#UsePAM yes

Indicate which users are allowed to connect:
AllowUsers scott

If you only want to use SSH 2 protocol (that is more secure), you can disable RSA authentication:
RSAAuthentication no

For more info:
$ man sshd_config


One Response to “Security paranoia: restricting ssh access”  

  1. 1 Improving security on OpenSSH - NewInstance


Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



Calendar

August 2005
M T W T F S S
« Jul   Sep »
1234567
891011121314
15161718192021
22232425262728
293031  

Follow me

twitter flickr LinkedIn feed

Subscribe by email

Enter your email address:

Archives


Categories

Tag Cloud


Listening