SSH
October 22, 2007
I’ve been tinkering around with setting up an SSH server on my home computer. I would prefer having a dedicated server at home instead of running everything on my laptop, but I’m not sure how much I can trust the hard drives on the Pentium II computers lying around the house.
I’m a little uncomfortable having my computer open to the world (or the windows box 
) so I look up some stuff about hardening ssh. It seems to be a really easy process. Basically just change the default port, disable the version 1 protocol, hostbased authentication, root logins, and allow only public key logins. Also set up a list of allowed users or groups and use /etc/hosts.allow and /etc/hosts.deny to block access to certain hosts. Finally put in place a nice iptables firewall to block traffic to anything outside the parts of the world you plan to be in. (I’ve read mixed messages about the last one, but mainly just performance concerns.)
Now your SSH server should be as secure as the underlying OS.
Leave a Comment
Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
Trackback this post | Subscribe to the comments via RSS Feed