Hello There, Guest!

How to Secure SSH Access on a Linux Server
Offline
Sergeant Class Registered - Sergeant Class
Threads: 3
Posts: 7
Joined: Oct 2017
Reputation:
0


Luxars:

#2
Using Google Autheticator isn't really a good solution. 2FA is great and all, but isn't super practical in a lot of scenarios. I don't really feel like listing out every possible method you can use to secure ssh but here's a few pretty decent ones

A) No one should have your username and password. Setting up a specific account for ssh access and only giving it read permission is what you should do. Use sudo for any sort of editing purposes.
B) Setup fail2ban, takes like two seconds and prevents brute forcing attacks
C) Don't use 22 for SSH, helps stop automated attacks
D) utilize portknocking, even if someone has your keys they won't be able to get in -- fwknop is a pretty good implantation. You could even write your own implantation that will send you an sms if someone logs in with your keys without portknocking. That would have the added benefit of knowing your keys are compromised when the hacker attempts to use them.
10-02-2017, 03:34 AM
  
Reply


Messages In This Thread
RE: How to Secure SSH Access on a Linux Server - by test - 10-02-2017, 03:34 AM

Possibly Related Threads...
Thread Author Replies Views Last Post
  Linux Server Management Service? Sparky 0 1,744 12-20-2016, 03:32 AM
Last Post: Sparky