computers:ssh_security
This is an old revision of the document!
Table of Contents
SSH security
Limit by user
Only allow required users to login.
Mac: in “System Preferences/Sharing/Remote Login”, choose users in the “Allow access for:” box.
Limit by IP address
First: deny connection from all in /etc/hosts.deny
# /etc/hosts.deny # deny from all sshd: ALL
Second: specify the allowed IPs in /etc/hosts.allow
# /etc/hosts.allow # allow intranet-ethernet IPs (192.168.1.*) # allow intranet-wireless IPs (10.0.1.*) # allow Academia Sinica IPs (140.109.*.*) # allow National Taiwan University IPs (140.112.*.*) sshd: 192.168.1., 10.0.1., 140.109., 140.112. : allow
Other IP ranges:
- Hinet: 118.160.0.0 - 118.167.255.255, 118.168.0.0 - 118.171.255.255
Check log files
Mac:
more /var/log/secure.log
Ubuntu:
more /var/log/auth.log
Fail2ban
Install fail2ban
Ubuntu:
# install sudo apt-get install fail2ban # edit the conf file /etc/fail2ban/jail.conf as necessary # for example, increase 'bantime' or reduce 'maxretry' to enhance the security level # restart the service /etc/rc.d/init.d/fail2ban restart
computers/ssh_security.1328032968.txt.gz · Last modified: 2012/02/01 02:02 by chkuo