Find the answer to your Linux question:
Results 1 to 6 of 6
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Problem with securing SSH


    Hello,

    I want to make my SSH connections more secured. For this reason I want to edit the following variables in sshd_config :

    MaxAuthTries
    MaxSessions
    MaxStartups
    LoginGraceTime
    ClientAliveInterval
    ClientAliveCountMax

    For unknown reason only MaxAuthTries is working on CentOS6. I`m not able to understand why editing of the other variables is not working. Do you have any ideas, why changing of MaxSessions for example is not working ?

  2. #2
    Quote Originally Posted by nezavisimost View Post
    I want to make my SSH connections more secured.
    https://wiki.archlinux.org/index.php/Ssh_keys
    I am not a "Linux Guru"! Get off me! The Forum software won't let me change it!
    How to ask smart questions | Don't be a Help Vampire | How to Use Code Tags
    You can post a link by removing "http://www." from it.

  3. #3
    You might want to look at how SSH is supported on CentOS. I dough that it's not implemented, but I don't roll with CentOS. Now, if you really want to secure your SSH, you should look at port knocking, random ports, reject probing, and as @nihili said, forget about passwords and only use SSH keys.

    > wiki.centos.org/HowTos/Network/SecuringSSH

  4. $spacer_open
    $spacer_close
  5. #4
    Thank you for your answers. The problem is that this tips will be included in Linux VPS template for securing clients ssh sessions and in this case the key is not an option. I`m searching for a options which can be included at all in the template without any need the client to generate/set keys. If you have something on your mind, I will be thankful to share it.

  6. #5
    Hi,

    I would say to change the ssh port first then create a wheel user and then switch to root. Thus a attacker have to know two passwords. (Two step authentication in the sense). Also, you could use AllowUsers parameters to allow only specific users to ssh.

  7. #6
    Quote Originally Posted by shankar321 View Post
    Hi,
    I would say to change the ssh port first then create a wheel user and then switch to root. Thus a attacker have to know two passwords. (Two step authentication in the sense). Also, you could use AllowUsers parameters to allow only specific users to ssh.
    and i would say that you need to actually look at the dates on threads before posting. all of the ones youve posted in have been closed since last year.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •