Hero Image

SSH security best practice

SSH Security Best Practices

At file /etc/ssh/sshd_config:

Disable Root Logins

Best: PermitRootLogin no
Good: PermitRootLogin without-password

wihout-password requires "PubkeyAuthentication yes"

Limit user Logins

AllowUsers somusername1 someusername2

Disable Protocol 1

Protocol 2

Use a Non-Standard Port

Port 2345

Use Public/Private Keys for Authentication

PubkeyAuthentication yes

Disable password authentication forcing use of keys:

PasswordAuthentication no

PS! Be sure to make generate private and public key with keys authentication

Source: https://wiki.centos.org/HowTos/Network/SecuringSSH

Other Related Posts:

Openvpn ubuntu core on raspberry

Steps to setup easy-openvpn on Ubuntu Core

This gist is to accompany a more wordy blog post which covers everything in much more detail. These are the easily copy/pastable steps.

For this you will need:-

  • Raspberry Pi 2 or 3, PSU, keyboard, LAN connection, HDMI cable and display
  • Laptop/desk...

Read more

21st Jan 2019

25 common iptables rules

1. Delete all existing rules

iptables -F

2. Set default chain policies

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

3. Block a specific ip-address

BLOCK_THIS_IP="x.x.x.x"

iptables -A INPUT -s "$BLOCK_THIS_IP" -j DROP

4. Allow ALL incoming SSH

iptables -...

Read more

20th Dec 2019