[TUT] How to secure your SSH server - Printable Version +- Support Forums (https://www.supportforums.net) +-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87) +--- Forum: Computer Support Topics (https://www.supportforums.net/forumdisplay.php?fid=4) +---- Forum: Linux, FreeBSD, and Unix (https://www.supportforums.net/forumdisplay.php?fid=17) +---- Thread: [TUT] How to secure your SSH server (/showthread.php?tid=1882)

[TUT] How to secure your SSH server - p0w3r0fchr1st - 10-20-2009 Hello, Ok bare with me here because this is my first tutorial. Ok, let's start. First find the configuration file for your SSH server. It would normally be located in etc>ssh>sshd_config. then follow these rules: #1 Don't allow root to remote login. So change "PermitRootLogin yes" to "PermitRootLogin no" #2 Limit the users or groups that can login in remotely. If these lines are not there, just add them to the text file. AllowUsers me AllowGroups mygroup DenyUsers fuckface DenyGroups fuckfacegroup #3 Allow only Protocol 2.Protocol 1 is less secure. Protocol 2 #4 Change the default port 22 to something higher like 2222 Port 2222 Those are the basic steps on making your SSH server a lot more secure. You could also add a firewall to know who is trying to connect to you. I use FireStarter because it is easy to use and quite user friendly. It blocks out all connections that I have not allowed through. Here is the link to the site: http://www.fs-security.com/ Hope this helped RE: [TUT] How to secure your SSH server - Gone - 10-20-2009 Okay remote logon is a must. What if you need to access it from your computer or when your at work? You can't always reboot. You can get get_swap_space errors all the time and your server will just fill up. Port is a good idea, just one thing. For the love of all that is good, don't use your birthday date or your birth year. RE: [TUT] How to secure your SSH server - p0w3r0fchr1st - 10-20-2009 LOL, yes of course that is like the stupidest thing. I normally usually just use 2222. RE: [TUT] How to secure your SSH server - manipulate - 10-20-2009 How about using SSH keys instead of a password. RE: [TUT] How to secure your SSH server - p0w3r0fchr1st - 10-21-2009 Ya I though about writing that but..... It is a bit complicated for normal users. This was a basic tut.