OpenSSH Security

by bouleetbil 25. mai 2011 15:20

Openssh :

SSH is a powerful remote login protocol.
Install :
# pacman-g2 -S openssh

Edit /etc/ssh/sshd_config for change this configuration

Disable root login
PermitRootLogin no

Disable empty password
PermitEmptyPasswords no

Setting the MaxAuthTries to a low number will minimize the risk of your SSH server being attacked in a brute force type of way.
MaxAuthTries 3

ssh key authentification
PubkeyAuthentication yes

Fail2ban :
Fail2Ban scans log files like /var/log/messages and bans IP that makes too many password failures. It updates firewall rules or /etc/hosts.deny to reject the IP address.

Install fail2ban
# pacman-g2 -S fail2ban

Edit /etc/fail2ban/jail.conf
Change ssh-iptables section for
[ssh-iptables]

enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/messages
maxretry = 5

/var/log/messages is used by sysklogd
/var/log/syslog is used by syslog-ng

Start fail2ban and enable it:
# systemctl enable fail2ban.service
# systemctl start fail2ban.service

Tags:

Frugalware | Linux

Billets liés

sign an Applet or java.security.AccessControlException: access deniedIf you have this error java.security.AccessControlException: access denied, you should sign your app...mono bump, frugalware-tweak vs frugalware-tweak2Mono have be updated to 2.8.2 that fixe some security issues : http://www.mono-project.com/Release_...PostfixFirst, add your server to mx zone. Install postfix : # pacman-g2 -Sy postfix Create Mysql databas...

Commentaires

26/05/2011 01:52:40 #

Bouleetbil - thanks for this article. In the beginning you say "SSH is a powerful remote logging protocol." I wonder if you meant "login" instead of "logging"? I would describe SSH as a secure shell but since I rarely use it I'm certainly no expert.

Russell Dickenson (AKA phayz)

26/05/2011 08:23:10 #

yes I've change it

bouleetbil