[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
To: <list@xxxxxxxxxxxxx> Sent: Monday, October 03, 2005 12:41 PM Subject: Re: [LUG] Securing SSH
On Mon, 2005-10-03 at 11:11 +0100, Philip Radford wrote:Hi all, I was wondering if anyone has had any experience with configuring and securing the SSH daemon from unauthorised access. I have recently discovered that my server was being targeted by a dictionary attack via SSH on Port 22 and therefore got me thinking about ways to restrict by IP address or even not to use remote SSH login via the root login at all and access the server via alternative means.I tend to restrict SSH using the TCP wrapper (/etc/hosts.allow file). I'm running Fedora Core 4, so your distro may/may not have built it with TCP wrappers enabled. I have never enabled root login (ssh or not). John.
Thanks for that John,That sounds interesting. Could you point me in the right direction for achieving this. We are using Red Hat 9 which is dated by todays standards but we are looking at RHEL in the near future.
Wouldn't /(/etc/hosts.allow) block access to all daemons coming in via eth0 and not just SSH. Unless that is what this wrapper is intended to achieve.
Thanks for your advice. Regards Philip Radford. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html