Securing SSH

ISC recommends adding the following to your sshd_config:

PermitRootLogin no

AllowUsers userA userB userC

Protocol 2

LoginGraceTime 20s

MaxStartups 5

Banner /etc/ssh/sshd_banner

My standard banner is:

Use of this network is restricted to authorized users. User activity is monitored and recorded by system personnel. Anyone using this Network expressly consents to such monitoring and recording. BE ADVISED: if possible criminal activity is detected, system records, along with certain personal information, may be provided to law enforcement officials.

For more information about this topic

No Related Post

mcwresearch.com » Using Denyhosts to secure SSHD:
[...] At this point you’re done! Couple this with using SSH keys and these sshd_config changes and you’re on your way to a secure SSH daemon. [...]
mcwresearch.com » Pay it forward: Know Your Network:
[...] Use These settings in SSHD_config to further secure SSH [...]

RSS feed for comments on this post. TrackBack URI

For more information about this topic

Pages

Other Projects

Categories

Search