Securing OpenSSH

OpenSSH is a wonderful tool; it's the Linux administrator's best friend. It saves you the trouble of having to walk into the server room and attach a monitor and keyboard in order to perform work on your network. Using any computer connected to the same network, you can pretty much do anything you want to as if you were standing right in front of the machine. The problem is that an unsecured SSH implementation gives miscreants the exact same luxury. Of all the things running on your network, SSH is definitely the one you want to give some major attention to.

The first and most common security tweak for SSH is to use only Version 2 of the protocol. To determine which version your Linux installation is using, grep the /etc/ssh/sshd_config ...

Get Mastering Linux Network Administration now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.