SSH configuration summary (was Re: Rookit infections: AARRGH!)
Larry Cook
lcook at sybase.com
Wed May 25 16:49:00 EDT 2005
This thread was very timely, as I wanted to set up my system for
remote access using SSH. Here is a summary of the advice for a
secure SSH configuration that I gathered from the thread. I've
included the specific /etc/ssh/sshd_config file entries:
* Disable SSH v1 protocol, only use SSH v2 protocol
Protocol 2
* Disable passwords, use DSA keys with passphrase
PasswordAuthentication no
* Disable root access, use sudo for audit trail
PermitRootLogin no
* Change SSH port number
Port 12345
* Only allow trusted IPs
(I don't see this ability in SSH.)
I've done all but the last one, since I couldn't find a way to
configure it with SSH. Maybe the intent was to do it with
iptables.
Is there anything I missed?
Given the above, what are the security risks?
Thanks,
Larry
More information about the gnhlug-discuss
mailing list