blog.up-link.ro android bsd linux unix & open-source world

27Apr/103

SSH Security Tips – OpenSSH hardening security

In this article I'll show you some tricks to help you securing your OpenSSH service. Here you will find useful information on how to secure sshd and prevent ssh dictionary attack.

1. SSH security by tweaking sshd_config

The OpenSSH server configuration file is located in /etc/ssh/sshd_config. You need to restart sshd after every change you make to that file in order for changes to take effect.

  • Change port number

Moving the SSH daemon off of port 22 protects you against automated attacks which assume that sshd is running on port 22.

Port 34912

  • Allow only SSH protocol 2

Only SSH protocol version 2 connections should be permitted. Version 1 of the protocol contains security vulnerabilities. The default setting shipped in the configuration file is correct, but it's important to check.

Protocol 2

Print This Post Print This Post