blog.up-link.ro
23Jun/110

How To Enable Two-factor SSH authentication via Google Authenticator

In this tutorial I'll show you how to set up two-factor authentication for SSH using Google Authenticator. Two-factor authentication is where you authenticate to a service (SSH in our case) with two pieces of information: one you know, and one you don't. The information you know is your password (which can be stolen) while the information you don't know is a randomly-generated PIN number that changes every few seconds. So even if your password is stolen, unless an attacker has the means to get the right PIN (tied to a hardware device), they cannot log into the protected service.

Print This Post Print This Post
16Oct/100

SSH Security: How To Block SSH Brute Force Attacks with SSHGuard

SSHGuard monitors logging activity and reacts to attacks by blocking their source IP addresses. sshguard has born for protecting SSH servers from the today's widespread brute force attacks, and evolved to an extensible log supervisor for blocking attacks to applications in real-time.

SSHGuard is given log messages in its standard input. By means of a parser, it decides whether an entry is normal activity or attack. After a number of attacks, the IP address is blocked with the firewall.

These are the available blocking backends:

  • SSHGuard with PF (OpenBSD, FreeBSD, NetBSD, DragonFly BSD)
  • SSHGuard with IP FILTER (FreeBSD, NetBSD, Solaris)
  • SSHGuard with IPFW (FreeBSD, Mac OS X)
  • SSHGuard with netfilter/iptables (Linux)
  • SSHGuard with TCP wrappers / hosts.allow (almost any UNIX system)
Print This Post Print This Post
23May/100

How To Update all CentOS/RHEL servers remotely using a shell script

#!/bin/bash
#
# A simply shell script to update remote CentOS/RHEL servers
# You must have ssh public and private key installed. This will save a lot of time if you
# have many servers.
#
# by Adi https://blog.up-link.ro
# May 2010

# an array to store ssh commands for each server
hosts=(
        "ssh root@192.168.1.1 yum update -y"
        "ssh root@192.168.2.1 -p 2222 yum update -y"
        "ssh adi@192.168.3.1 -t sudo  '/usr/bin/yum update -y'"
      )
# read the array and launch the ssh command
for sshcmd in "${hosts[@]}";do $sshcmd;done
Print This Post Print This Post
27Apr/100

SSH Security Tips – OpenSSH hardening security

In this article I'll show you some tricks to help you securing your OpenSSH service. Here you will find useful information on how to secure sshd and prevent ssh dictionary attack.

1. SSH security by tweaking sshd_config

The OpenSSH server configuration file is located in /etc/ssh/sshd_config. You need to restart sshd after every change you make to that file in order for changes to take effect.

  • Change port number

Moving the SSH daemon off of port 22 protects you against automated attacks which assume that sshd is running on port 22.

Port 34912

  • Allow only SSH protocol 2

Only SSH protocol version 2 connections should be permitted. Version 1 of the protocol contains security vulnerabilities. The default setting shipped in the configuration file is correct, but it's important to check.

Protocol 2

Print This Post Print This Post
1Apr/100

How To Set Up OpenSSH Public Key Authentication

Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on GNU/Linux and Unix based systems to access shell accounts, SSH was designed as a replacement for Telnet and other insecure remote shells.

Before we start, make sure your computer has a SSH client installed and the remote Linux system has SSH installed and sshd running.

1. Generating RSA key

You will need to generate the local RSA key by running the following command:

# ssh-keygen -t rsa

Print This Post Print This Post
1Apr/100

How To Access SAMBA shares through SSH in Linux

You can access Samba shares by using SSH tunneling. We need a host computer (x.y.z.w) and a destination computer (192.168.0.1, is located in the x.y.z.w network), we'll use adi as username and pass as password.

First we'll create a new mount directory:

# mkdir -p /mnt/share

Now we connect to it:

# ssh -N -L 139:192.168.0.1:139 adi@x.y.z.w

Now we have to run the following commands:

# umount /mnt/share

# mount -t smbfs -o username=adi,workgroup=WORKGROUP,password=pass,port=139,dmask=770,fmask=660,netbiosname=computer1 //localhost/share /mnt/share

x.y.z.w=computer's IP address
192.168.0.1=destination computer
adi=samba username
WORKGROUP=your workgroup
pass=password for the share

Print This Post Print This Post