Securing SSH Service Linux Ubuntu Redhat Server
SSH has to be installed before it can be secured. On a Debian-based distro, install it with apt-get: apt-get install ssh installs ssh on the server.
Some of the configuration files are as follows.
/etc/ssh$ ls -l
total 160
-rw-r--r-- 1 root root 132839 2006-05-18 06:13 moduli
-rw-r--r-- 1 root root   1423 2006-10-05 15:13 ssh_config
-rw-r--r-- 1 root root   1909 2007-08-26 20:06 sshd_config
-rw------- 1 root root   1192 2006-09-28 07:28 ssh_host_dsa_key
-rw-r--r-- 1 root root   1119 2006-09-28 07:28 ssh_host_dsa_key.pub
-rw------- 1 root root   1675 2006-09-28 07:28 ssh_host_rsa_key
-rw-r--r-- 1 root root    399 2006-09-28 07:28 ssh_host_rsa_key.pub
The file sshd_config should be modified to increase the security.
- Make ssh listen on a given interface if there is more than one interface.
- Don't permit empty passwords.
- Allow only certain users to have access to the machine.
- Change the default port number. The default port number is 22, see http://www.iana.org/assignments/port-numbers
- Protocol version 2
- Disabling root access will make the attacker's life harder.
- X11 forwarding _only_ if needed
- The AllowUsers, AllowGroups, DenyUsers and DenyGroups directives help you control who has remote access to the box.
- Allow remote logins only from known/trusted hosts.
- Use "sshd: IPaddress" in /etc/hosts.allow and the line "sshd: ALL" in /etc/hosts.deny.
- Enable keyfile based login
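
One way to check an sshd_config against the checklist above, as an added example that is not part of the original page. The sample configs, address, port and user names are constructed, and the defaults assumed for unset keywords are noted in the comments.

```python
# Constructed samples (not from a real host); address, port and users are placeholders.
WEAK = "Port 22\nProtocol 2,1\nPermitRootLogin yes\nPermitEmptyPasswords yes\nX11Forwarding yes\n"
HARDENED = """\
Port 2222
ListenAddress 192.0.2.10
Protocol 2
PermitRootLogin no
PermitEmptyPasswords no
X11Forwarding no
AllowUsers alice bob
PubkeyAuthentication yes
"""

def parse_global(text):
    """Map lower-cased keyword -> list of values, stopping at the first Match block."""
    opts = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].lower() == "match":
            break  # settings after Match are conditional, not global
        opts.setdefault(parts[0].lower(), []).append(parts[1].strip('"') if len(parts) > 1 else "")
    return opts

def audit(text):
    """Return the checklist keywords this config fails (assumed defaults noted inline)."""
    o = parse_global(text)
    first = lambda k, d: o.get(k, [d])[0].lower()  # sshd keeps the first value it reads
    bad = []
    if any(a in ("0.0.0.0", "::") for a in o.get("listenaddress", ["0.0.0.0"])):
        bad.append("ListenAddress")  # unset means listen on every interface
    if first("permitemptypasswords", "no") != "no":
        bad.append("PermitEmptyPasswords")
    if not (o.get("allowusers") or o.get("allowgroups")):
        bad.append("AllowUsers/AllowGroups")  # no allow-list at all
    if "22" in o.get("port", ["22"]):
        bad.append("Port")
    if "1" in first("protocol", "2").split(","):
        bad.append("Protocol")  # only meaningful on releases that still speak v1
    if first("permitrootlogin", "yes") != "no":
        bad.append("PermitRootLogin")  # assumption: unset is treated as enabled
    if first("x11forwarding", "no") != "no":
        bad.append("X11Forwarding")  # flagged for review: enable only if needed
    if first("pubkeyauthentication", "yes") != "yes":
        bad.append("PubkeyAuthentication")
    return bad

if __name__ == "__main__":
    print("weak:", audit(WEAK), "| hardened:", audit(HARDENED))
```

The /etc/hosts.allow and /etc/hosts.deny entries are outside sshd_config and are not covered by this check.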







