Need to migrate your e-mails to a new server? Free and paid versions of our online tool available.
Hero Image

Harden SSH on OpenBSD 7.5

ssh openbsd ssh

Harden SSH on OpenBSD 7.5

Back up config

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

Key settings (/etc/ssh/sshd_config)

Port 2222
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
AllowUsers deploy alice
Protocol 2
ClientAliveInterval 600
ClientAliveCountMax 0
X11Forwarding no
PermitEmptyPasswords no
LoginGraceTime 30
MaxAuthTries 3
MaxSessions 5
Ciphers [email protected],[email protected]
MACs [email protected],[email protected]
KexAlgorithms curve25519-sha256,[email protected]
LogLevel VERBOSE

Test and restart

sshd -t && rcctl restart sshd
Previous Post Next Post