Wednesday, February 10, 2010

Open SSH basic security

For the ssh to be secure any competent network admin will tell you to do the following:
Open a shell and type :
sudo nano /etc/ssh/sshd_config (this is the openssh-server configuration file)
1.Find the line where you see port 22 and change the port number to another number example port 2232 (the number must be higher than  1024).Now when you log to this sistem you must specify the port number like this:
ssh -p 2232 cata@ubuntubox1
2.Find the line where you see PermitRootLogin yes and change to no .If you do this nobody can ssh login with the root user.
3.Try to use passwordless authentication and   in the sshd_config set PasswordAuthentication no.

No comments:

Post a Comment