07 June 2011

Securing SSH server in Linux

Restrict ssh access to the server is a must because it involves security issues. Now I will share how to limit ssh into our server. Let's assume our server is a server D

1. Changing the ssh port for only us who know the server D
2. Prohibiting root login via ssh for security
3. Restrict ip addresses which can do ssh to the server D

To do the numbers 1 and 2 we can do it by editing the files in sshd_config.

To change the ssh port, change the number 22 to another number in the Port parameter 22. 22 is the default port for ssh service, and therefore replace it with another number such as 40

Port 40

To disallow root login, change the following parameter from NO to YES

PermitRootLogin yes

To limit the IP addresses that may access the server D then we should use / etc / host.allow and / etc / host.deny
in / etc / hosts.allow we must enter the ip address that are allowed to remotely

# pico / etc / hosts.allow

and enter the following parameters
sshd: 192.168.13.0/24 # # # if we want to allow network 192.168.13.0 to our server remotely via ssh D

if it is finished, save and edit the file / etc / host.deny

# pico / etc / hosts.deny

then edit and enter the following parameters

sshd: ALL # # # This will refuse all connections other than that you enter in / etc / hosts.allow

then save and exit

after that please restart your ssh sevice for configuration number 1 and 2 runs

1 comment:

  1. to secure ssh by SSH login without password https://www.namhuy.net/2433/ssh-login-without-password.html

    ReplyDelete