ssh:configure_sshd
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| ssh:configure_sshd [2016/12/05 12:19] – peter | ssh:configure_sshd [2019/12/04 21:20] (current) – removed peter | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== SSH - Configure sshd ====== | ||
| - | ===== Backup the existing configuration file ===== | ||
| - | |||
| - | First, make a backup of your sshd_config file by copying it to your home directory, or by making a read-only copy in /etc/ssh by doing:" | ||
| - | |||
| - | <code bash> | ||
| - | sudo cp / | ||
| - | sudo chmod a-w / | ||
| - | </ | ||
| - | |||
| - | |||
| - | ===== Edit the sshd config file ===== | ||
| - | |||
| - | Issue the following command: | ||
| - | |||
| - | <code bash> | ||
| - | sudo vi / | ||
| - | </ | ||
| - | |||
| - | |||
| - | |||
| - | ===== Restrict SSH to version 2 ===== | ||
| - | |||
| - | …add in this line if not already in the sshd configuration file, otherwise modify it to be: | ||
| - | |||
| - | < | ||
| - | Protocol 2 | ||
| - | </ | ||
| - | |||
| - | <WRAP info> | ||
| - | SSH protocol version 1 (SSH-1) has man-in-the-middle attacks problems and security vulnerabilities. | ||
| - | </ | ||
| - | |||
| - | |||
| - | |||
| - | ===== Disable logins for the **root** user, only allow login for the core user and disable password based authentication. ===== | ||
| - | |||
| - | permissions: | ||
| - | owner: root:root | ||
| - | |||
| - | <file bash / | ||
| - | # Use most defaults for sshd configuration. | ||
| - | UsePrivilegeSeparation sandbox | ||
| - | Subsystem sftp internal-sftp | ||
| - | |||
| - | PermitRootLogin no | ||
| - | AllowUsers core | ||
| - | PasswordAuthentication no | ||
| - | ChallengeResponseAuthentication no | ||
| - | </ | ||
ssh/configure_sshd.1480940351.txt.gz · Last modified: 2020/07/15 09:30 (external edit)