Results 1 to 8 of 8

Thread: SSH Security

  1. #1
    Join Date
    Jan 2005
    Location
    Victoria, BC, Canada
    Posts
    2

    SSH Security

    I am the sole administrator of a dedicated server. I wish to improve security by using a script that enables, disables ssh and lmit the max ssh sessions to 2 (in case I drop).

    Does anyone have insight on how to do this?

  2. #2
    Join Date
    Jul 2003
    Location
    US
    Posts
    61
    You can disable ssh access in sshd_config with DenyUsers parameter.
    Rotmax - Advanced Hosting Solutions
    | Providing premium hosting since 2001.
    | http://www.rotmax.com
    | Follow us on Facebook: Rotmax-Facebook

  3. #3
    Join Date
    Aug 2004
    Location
    France
    Posts
    44
    You can also change the default port.
    It will prevent the script kiddies from playing with your ssh access.

  4. #4
    Join Date
    Mar 2005
    Location
    NY USA
    Posts
    839

  5. #5
    and use AllowUsers or AllowGroups.

  6. #6
    Join Date
    Aug 2004
    Posts
    371
    The best way to improve security is to has NX bit technology. Previous versions of OpenSSL has buffer overflows that allowed hackers to take over the machines. NX bit can stop all these things...

  7. #7
    Join Date
    Feb 2005
    Posts
    334
    wm2100:

    uh, so how will that help if you use a username/password og say... god/god and a root pass like... god? If you think that chip is the be all and end all of security please let me know who you work for so I never do business with them.

    Centrilo;

    rather than convoluted scripting why not disable passwords, set up keys, and if you really feel the need change ports?

  8. #8
    Join Date
    Apr 2001
    Location
    FL, USA
    Posts
    925
    On DMZ boxes where a firewall cannot restrict port 22, we have used allowusers and only permit ssh key access. We've a couple of boxes where script kiddies scan for days using brute force ssh attacks against users that even if they existed could not login via ssh or login via password.

    We save you time, money, and frustration by handling the server management tasks required to run an online business successfully.
    No prodding required. We just do it right the first time. Red Hat, MySQL, Plesk, and cPanel certified staff.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •