If you are using SSH, you’ll want to run down this checklist to make that SSH server a bit more secure. If any of these settings are absent from the configuration file, you should add them.
For Ubuntu this is in the file
/etc/ssh/sshd_config
Change Port
This is more of a security through obscurity approach, but it’ll help slow down bot scrapers.
Change this value to something else.
Port 22
Set Client Timeout
ClientAliveInterval configures the server to send a null packet to the client every 10 seconds.
ClientAliveCountMax sets how many of these packets may go unanswered before the server closes the connection, here 300.
In this case the connection is closed after 10*300 = 3000 seconds, or 50 minutes, without a response from the client.
ClientAliveInterval 10
ClientAliveCountMax 300
Disable empty passwords
PermitEmptyPasswords no
Limit Login Attempts
MaxAuthTries 3
Use Protocol SSH 2 only
Protocol 2
Disable root login
PermitRootLogin no
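To check a file against the timeout, empty-password, login-attempt and root-login items above, here is an added example (not part of the original post) that audits sshd_config text. The sample config, the function names and the rule that any MaxAuthTries from 1 to 3 passes are assumptions made for illustration.

```python
import re

# Added example: audit sshd_config text against checklist items.
# keyword (lowercased; sshd keywords are case-insensitive) -> acceptance test
CHECKS = {
    "permitemptypasswords": lambda v: v == "no",
    "permitrootlogin": lambda v: v == "no",
    "maxauthtries": lambda v: v.isdigit() and 1 <= int(v) <= 3,  # assumed range
    "clientaliveinterval": lambda v: v.isdigit() and int(v) > 0,
    "clientalivecountmax": lambda v: v.isdigit() and int(v) > 0,
}
LINE = re.compile(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.+)")

# Constructed sample, not taken from a real host.
SAMPLE = """\
ClientAliveInterval 10
ClientAliveCountMax 300
PermitRootLogin yes
PermitRootLogin no
MaxAuthTries=6
Match User backup
    PermitEmptyPasswords no
"""

def parse_global(text):
    """Global settings only; sshd keeps the first value seen per keyword."""
    settings = {}
    for raw in text.splitlines():
        m = LINE.fullmatch(raw.strip())
        if not m:                      # blank line, comment or bare keyword
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":             # everything after is conditional
            break
        settings.setdefault(key, value)
    return settings

def audit(text):
    """Return (findings, seconds until an unresponsive client is dropped)."""
    s = parse_global(text)
    findings = []
    for key, ok in CHECKS.items():
        if key not in s:
            findings.append(f"{key}: missing")
        elif not ok(s[key]):
            findings.append(f"{key}: unexpected value {s[key]!r}")
    both = [s.get("clientaliveinterval", ""), s.get("clientalivecountmax", "")]
    timeout = int(both[0]) * int(both[1]) if all(v.isdigit() for v in both) else None
    return findings, timeout
```

In the sample, the second PermitRootLogin line does not rescue the first, and the PermitEmptyPasswords line inside the Match block does not count as a global setting, so both are reported.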
In conclusion…
There are always lots of ways to accomplish similar tasks. If you have additional ideas or I missed anything, please post in the comments below.