Securing SSH

ISC recommends adding the following to your sshd_config:

PermitRootLogin no

AllowUsers userA userB userC

Protocol 2

LoginGraceTime 20s

MaxStartups 5

Banner /etc/ssh/sshd_banner

My standard banner is:

Use of this network is restricted to authorized users. User activity is monitored and recorded by system personnel. Anyone using this Network expressly consents to such monitoring and recording. BE ADVISED: if possible criminal activity is detected, system records, along with certain personal information, may be provided to law enforcement officials.
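A quick way to confirm a host actually carries the settings listed above is to audit the file itself. This is an added example, not code from the original post or from ISC: the function names and the two sample configs are constructed for illustration, and it only reads the global section of the file (everything before the first Match block), using the first value it sees for each keyword as sshd does. It assumes the current OpenSSH defaults for absent keywords (LoginGraceTime 120, MaxStartups 10:30:100, Banner none) and a server that speaks only protocol 2 when Protocol is not set.

```python
import re

_UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def seconds(value):
    """Convert an sshd time value such as '20s', '2m' or '1h30m' to seconds."""
    parts = re.findall(r"(\d+)([smhdw]?)", value.lower())
    if not parts or "".join(n + u for n, u in parts) != value.lower():
        raise ValueError(f"bad time value: {value!r}")
    return sum(int(n) * _UNITS[u] for n, u in parts)

def global_settings(text):
    """First value per keyword (sshd uses the first one), global section only."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and arguments are separated by whitespace or a single '='.
        key, value = (re.split(r"[\s=]+", line, maxsplit=1) + [""])[:2]
        if key.lower() == "match":   # Match blocks are conditional: stop here
            break
        seen.setdefault(key.lower(), value.strip())
    return seen

def audit(text):
    """Return one finding per recommended setting the config does not meet."""
    cfg = global_settings(text)
    checks = [
        (cfg.get("permitrootlogin", "").lower() == "no", "PermitRootLogin is not 'no'"),
        (bool(cfg.get("allowusers")), "AllowUsers is not set"),
        ("1" not in cfg.get("protocol", "2").split(","), "Protocol allows SSH protocol 1"),
        (0 < seconds(cfg.get("logingracetime", "120")) <= 20, "LoginGraceTime exceeds 20s"),
        (int(cfg.get("maxstartups", "10").split(":")[0]) <= 5, "MaxStartups exceeds 5"),
        (cfg.get("banner", "none").lower() != "none", "Banner is not set"),
    ]
    return [msg for ok, msg in checks if not ok]

# Constructed sample inputs, not taken from any real host.
HARDENED = ("PermitRootLogin no\nAllowUsers userA userB userC\nProtocol 2\n"
            "LoginGraceTime 20s\nMaxStartups 5\nBanner /etc/ssh/sshd_banner\n")
# The hardening here sits inside a Match block, so it does not apply globally.
WEAK = ("PermitRootLogin yes\nLoginGraceTime 2m\nMaxStartups 10:30:100\n"
        "Match User userA\n    PermitRootLogin no\n    Banner /etc/ssh/sshd_banner\n")

if __name__ == "__main__":
    for name, text in (("hardened", HARDENED), ("weak", WEAK)):
        print(name, audit(text) or "OK")
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check; the script is useful for reviewing a file before it is deployed.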

[...] At this point you’re done! Couple this with using SSH keys and these sshd_config changes and you’re on your way to a secure SSH daemon. [...]

[...] Use These settings in SSHD_config to further secure SSH [...]