ssh:configure_sshd
This is an old revision of the document!
Table of Contents
SSH - Configure sshd
Backup the existing configuration file
First, make a backup of your sshd_config file by copying it to your home directory, or by making a read-only copy in /etc/ssh by doing:“
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults sudo chmod a-w /etc/ssh/sshd_config.factory-defaults
Edit the sshd config file
Issue the following command:
sudo vi /etc/ssh/sshd_config
Restrict SSH to version 2
…add in this line if not already in the sshd configuration file, otherwise modify it to be:
Protocol 2
SSH protocol version 1 (SSH-1) has man-in-the-middle attacks problems and security vulnerabilities. SSH-1 is obsolete and should be avoided at all cost.
Disable logins for the **root** user, only allow login for the core user and disable password based authentication.
permissions: 0600 owner: root:root
- /etc/ssh/sshd_config
# Use most defaults for sshd configuration. UsePrivilegeSeparation sandbox Subsystem sftp internal-sftp PermitRootLogin no AllowUsers core PasswordAuthentication no ChallengeResponseAuthentication no
ssh/configure_sshd.1480940351.txt.gz · Last modified: 2020/07/15 09:30 (external edit)