Trump, Tariffs, and the Canadian Economy
5 days ago
Visitors
Popular Posts
-
Please read my previous post before you watch this video. 1. Setting Your Own Website On CentOS 6 (PHP 5 & MySQL 5) 2. Instal...
-
In my previous post, I showed you how to build an website from scratch with PHP and MySQL. Now, I will start to build my forum using phpB... -
This guide will help you to create a Task Schedule to Shutdown or Restart Windows Server Automatically. First, you have to download PSshu... -
It is so sad that the graphic management VMware ESXi is not support Linux OS so today I will write about how to use vCLI on Linux. -
There are many solutions that help typing Vietnamese on Linux (RedHat/Fedora/CentOS). One of those is SCIM. It is very simple to install Sc...
My Blog List
How To Secure SSH Connection
Wednesday, July 27, 2011
Secure your SSH connection is very important. I guess that you don’t want your password being hacked, right? There are some tips that can help you to have a securer connection. Here we go!
Step 1. SELinux restrictions for SSH
Step 2. Use TCP Wrappers to limit the hosts that can connect to server:
# echo “sshd: 192.168.1.” >> /etc/hosts.allow
# echo “ALL: ALL” >> /etc/hosts.deny
This allow all clients with the 192.168.1.0/24 subnet to connect into the SSH server, and it disallows any other host outside this subnet.
Step 3. Change the options to improve security (/etc/ssh/sshd-config):
When you change these options, the default port isn't known to everyone, and only the internal network adapter listens for connections. Then only the two users (root and user01) are allowed to connect to the SSH server.
Have fun!
Tags:
Linux
Step 1. SELinux restrictions for SSH
Step 2. Use TCP Wrappers to limit the hosts that can connect to server:
# echo “sshd: 192.168.1.” >> /etc/hosts.allow
# echo “ALL: ALL” >> /etc/hosts.deny
This allow all clients with the 192.168.1.0/24 subnet to connect into the SSH server, and it disallows any other host outside this subnet.
Step 3. Change the options to improve security (/etc/ssh/sshd-config):
When you change these options, the default port isn't known to everyone, and only the internal network adapter listens for connections. Then only the two users (root and user01) are allowed to connect to the SSH server.
Have fun!
