Monday, August 29, 2011
Tips for Secure SSH Login
Secure Shell (SSH):
has been constructed with regards to security. Previously, customers often accessed Telnet in order to gain connection to their servers; however, this was the time, when servers were located right across the hall, not widely spread across the infinite internet.
Secure Shell provides an additional layer of encryption to the communication, ensuring that the users can connect with the dedicated server or the virtual private server (VPS) without having to feel wary of any threat from malicious activity, such as the capturing of their password.
Default Port No: 22/Tcp
Restrict Root login's:
In an ordinary situation, you have no motive to permit straight root logins to your server. Although the system administrator can be one of the roots once it has logged in (using su or sudo), it is far too dangerous to make your root account open to the entire Internet.
Jail users in chroot directories:
Servers, belonging to Linux and UNIX, provide the ability of restricting ordinary users from doing something dangerous, such as removing all the documents;, however, nothing can be done about viewing the files.
Install Brute Force Detection software:
Malicious hackers can make use of forcible methods in an attempt to gain knowledge of your password and carry out malevolent activity on your server.
Maintain secure password and periodic rotations:
Being the sysadmin, you have the ability to manage the requirements regarding the strength of the password along with making it compulsory for users to modify their password after a period of time.
Set the Timeout Interval:
An extremely helpful feature, a part of SSH configuration file, is that it allows you to determine a timeout interval, disallowing users from staying logged in, irrespective of whether they have forgotten to logout .
Posted by Chandrasekar Rathinam at 7:32 AM
Labels: build ssh, secure ssh, ssh, ssh-secure, tips for ssh