Posts Tagged ssh
SSH Security
Posted by bumscientist in Computing on December 12, 2009
It seems that people have been trying to hack into my server. I can tell this by looking at /var/log/syslog, where I sometimes have up to 3 attempts per second. It’s time to beef up security.
Switch to public key authentication
$ ssh-keygen -t dsa
$ scp ~/.ssh/id_dsa.pub server.host.com:.ssh/authorized_keys
$ ssh server.host.com
/etc/ssh/sshd_config
PermitRootLogin no
MaxAuthTries 3
PasswordAuthentication no
LoginGraceTime 300
Modify your firewall to accept IPs not used by you and block offending IPs.
/etc/rc.d/rc.firewall
iptables -A INPUT -s x.x.0.0/255.255.0.0 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -s x.x.0.0/255.255.255.0 -j DROP
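The syslog check and the "block offending IPs" step above, as an added example that is not part of the original post: it counts failed sshd logins per source address and per second, then prints candidate DROP rules for review. It assumes the classic syslog timestamp and OpenSSH's "Failed <method> for <user> from <addr> port <n> ssh2" message; the log lines, the threshold and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# The user name is text supplied by the remote side, so the address is taken
# from the end of the line (greedy .* plus the $ anchor), not the first "from".
FAILED = re.compile(
    r"^(?P<ts>\w{3} [ \d]\d \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed \S+ for .* from (?P<ip>\S+) port \d+(?: ssh2)?$"
)

# Constructed sample; addresses come from the documentation ranges (RFC 5737).
SAMPLE_LOG = """\
Dec 12 03:14:07 server sshd[4121]: Failed password for root from 203.0.113.45 port 51122 ssh2
Dec 12 03:14:07 server sshd[4123]: Failed password for invalid user admin from 203.0.113.45 port 51130 ssh2
Dec 12 03:14:07 server sshd[4125]: Failed password for invalid user my admin from 203.0.113.45 port 51141 ssh2
Dec 12 03:14:08 server sshd[4127]: Failed password for root from 198.51.100.7 port 40022 ssh2
Dec 12 03:14:09 server sshd[4130]: Accepted publickey for alice from 192.0.2.10 port 50514 ssh2
Dec 12 03:14:09 server CRON[4140]: (root) CMD (run-parts /etc/cron.hourly)
Dec 12 03:14:10 server sshd[4142]: Failed publickey for root from 203.0.113.45 port 51200 ssh2
"""

def failed_attempts(log_text):
    """Yield (timestamp, source address) for every failed sshd authentication."""
    for line in log_text.splitlines():
        m = FAILED.match(line.rstrip())
        if not m:
            continue
        try:
            ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue  # never pass an unvalidated log field on to a firewall rule
        yield m.group("ts"), m.group("ip")

def summarize(log_text, threshold=3):
    """Count failures per source and per second; list sources at or above threshold."""
    per_ip, per_second = Counter(), Counter()
    for ts, ip in failed_attempts(log_text):
        per_ip[ip] += 1
        per_second[ts] += 1
    peak = max(per_second.values(), default=0)
    offenders = sorted(ip for ip, n in per_ip.items() if n >= threshold)
    return per_ip, peak, offenders

if __name__ == "__main__":
    per_ip, peak, offenders = summarize(SAMPLE_LOG)
    print("peak failed attempts in one second:", peak)
    for ip in offenders:
        # Printed for review, not executed; rule form follows the rc.firewall lines above.
        print(f"iptables -A INPUT -s {ip} -j DROP")
```

With PasswordAuthentication set to no, sshd logs rejected clients with different messages, so the pattern would need extending for those.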
SSH Host Keys
Posted by bumscientist in Computers on November 28, 2009
A machine I’ve been remotely connecting to was compromised recently, forcing me to change my password to a new, stronger password. I don’t pay as much attention to security as I should. I should be more careful about host keys, but I don’t think I can easily get the fingerprint until after I’ve made the first connection.
Find the fingerprint of your server with:
$ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub
This should match the fingerprint shown when you try to ssh into the server. If it doesn’t match, then you have a problem.