Results 1 to 13 of 13
  1. #1
    Join Date
    Jul 2009
    Location
    Kshatriya
    Posts
    2,725

    * SSH is unsecure? why not use SSH?

    hi,

    i have one master reseller hosting(No SSH access)


    and also i have One Dedicated Server (Personal - Testing Server only, no website) from InternetGateway(Full SSH Root Access)


    i am use SSH for installing scripts(like awstat,cPanel,config,etc)
    example: wget http://....site...tar.gz


    this is secure? or never use ssh for security reason?
    Dewlance® Cheap Windows VPS - Chicago/Orlando/Vegas/AZ - SSD
    WHMCS ReadyMadeKB - Tutorials for cPanel/InterWorx/Softaculous& Growing..
    Super Cheap Annually Shared Hosting - Canada/US/UK

  2. #2
    If you are concerned about your ssh security better one the good thing you can do to secure your ssh. You should change your ssh port no from sshd_config file. This can be advantage for you to reduced the attack.
    Support Facility | 24/7 web hosting technical support services
    Technical support | Server management | Data migration

    Technical Articles

  3. #3
    Join Date
    Jan 2005
    Location
    Darwin, Australia
    Posts
    1,333
    Should be fine as long as your dedicated server is secure
    Graham Craig

    "IT'S NOT HOW GOOD YOU ARE, IT'S HOW BAD YOU WANT IT."

  4. #4
    Join Date
    Jul 2008
    Location
    Eta Carinae
    Posts
    2,671
    Secure Shell...

    And changing ports as suggested above helps a lot. Just make it a random high number and you should be fine.

  5. #5
    Join Date
    Nov 2009
    Location
    Los Angeles, CA
    Posts
    6
    You can further secure your SSH by disabling password based login and generating a key pair for authentication. I'd also recommend disabling the root account from connecting via SSH. Create a new account and SSH into that one, then su to root, or sudo when you need to run something as root.

  6. #6
    Join Date
    Mar 2009
    Location
    /usr/bin/perl
    Posts
    971
    Quote Originally Posted by njoker555 View Post
    Secure Shell...

    And changing ports as suggested above helps a lot. Just make it a random high number and you should be fine.
    A lot of people are under the impression that changing the port will help -- but it won't.

    -Keep out the brute-forcers with firewall restrictions
    -Disable password auth/enable public key auth

    Period. Any script-kiddy who knows how to point and click can find out what alternate port an SSH Server is running on.
    Ask me about CloudCentrum (coming soon) -- The complete, turn-key cloud software solution

  7. #7
    Join Date
    Sep 2009
    Posts
    1,794
    You can also block all IP addresses in the firewall, except your IP address, or if you are using dynamic IP, your class of IP addresses and you should be fine.
    LVPSHosting.com|Virtual Private Servers|Dedicated Servers|
    Managed Hosting Solution|24/7/365 Support
    Datacentar and servers location: Holland, Europe

  8. #8
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    16,087
    Quote Originally Posted by e-Sensibility View Post
    A lot of people are under the impression that changing the port will help -- but it won't.

    -Keep out the brute-forcers with firewall restrictions
    -Disable password auth/enable public key auth

    Period. Any script-kiddy who knows how to point and click can find out what alternate port an SSH Server is running on.
    Changing the port alone won't help without a login failure daemon + port scan detection.

    The PSD will block most before they find the right port and the LFD will block those that find it and try to log in with incorrect credentials.

    Changing the port alone is just security thru obscurity but anybody really wanting in will find it.
    Michael Denney - MDDHosting LLC
    New shared plans for 2016! Check them out!
    Highly Available Shared, Premium, Reseller, and VPS
    http://www.mddhosting.com/

  9. #9
    SSH is generaly crypted

  10. #10
    Join Date
    Oct 2009
    Posts
    856
    Quote Originally Posted by e-Sensibility View Post
    A lot of people are under the impression that changing the port will help -- but it won't.
    Well, it does help, at least by preserving your sanity when reviewing logs. When I changed the port on my servers to a different one, random login attempts went from hundreds a day per server, to 0.

  11. #11
    Also edit the /etc/ssh/sshd_config file ,

    Allow only Protocol 2:

    Protocol 2

    Protocol 1 is less secure and obsolete.
    Shared Hosting | Reseller Hosting | VPS Hosting | Dedicated Servers
    KeserHosting.Com

  12. #12
    Join Date
    Nov 2005
    Location
    /etc/fstab
    Posts
    1,274
    i am use SSH for installing scripts(like awstat,cPanel,config,etc)
    example: wget http://....site...tar.gz


    this is secure? or never use ssh for security reason?
    As long as you know what you are doing, I am sure it is secure
    Mellowhost - Providing High Quality Web Hosting Services since 2007
    SSD Cpanel Shared, SSD OpenVZ & KVM VPS Hosting
    A Hosting Provider with Complete SSD VPS & Shared Hosting.

  13. #13
    Do not give your clients shell. Just give yourself shell. It probably would make you feel better in the long run.

Similar Threads

  1. Replies: 0
    Last Post: 07-23-2009, 10:02 AM
  2. Replies: 0
    Last Post: 07-15-2009, 11:34 AM
  3. disabling SSH root access but enabling SSH keys how to do that?
    By sharmaine1111 in forum Hosting Security and Technology
    Replies: 7
    Last Post: 04-03-2009, 11:26 PM
  4. how to change ssh server name on ssh software
    By joelin in forum Hosting Security and Technology
    Replies: 3
    Last Post: 05-17-2008, 10:26 AM
  5. E-mail Alert on Root SSH Login but also all ssh users too ?
    By Ivan23 in forum Hosting Security and Technology
    Replies: 2
    Last Post: 12-11-2005, 10:05 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •