OpenSSH is tool used for connecting and managing remote linux machines. And this should be secured. I am here by telling some security tips to make the SSH server perfect.
1.The following iptable rule will drop incoming connections which make more than 5 connection attempts upon port 22 within 60 seconds
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 -j DROP
2.Disable Empty Passwords
Open the file /etc/sshd/sshd_config and
PermitEmptyPasswords no
3.TCPWrappers
open --> vi /etc/hosts.deny
sshd:ALL
then
open --> vi /etc/hosts.allo
sshd:192.168.1.32 192.168.1.21 (Change to your desired IP)
4.Change the SSH Port
The Idea behind this , suppose we change the port 22 to something other say Oracle 1521 , the attackers thinks that this is an Oracle server and will try oracle hacking tools :)
1.The following iptable rule will drop incoming connections which make more than 5 connection attempts upon port 22 within 60 seconds
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 -j DROP
2.Disable Empty Passwords
Open the file /etc/sshd/sshd_config and
PermitEmptyPasswords no
3.TCPWrappers
open --> vi /etc/hosts.deny
sshd:ALL
then
open --> vi /etc/hosts.allo
sshd:192.168.1.32 192.168.1.21 (Change to your desired IP)
4.Change the SSH Port
The Idea behind this , suppose we change the port 22 to something other say Oracle 1521 , the attackers thinks that this is an Oracle server and will try oracle hacking tools :)
Port 300 5.Force Logout for Idle Sessions ClientAliveInterval 300 ClientAliveCountMax 0