Security Basics mailing list archives
RE: Securing SSH
From: "Vinicius Moreira Mello" <vinicius () lineone net>
Date: Sat, 10 Jan 2004 15:33:03 -0200
Roland, There are various considerations in doing ssh security. The ssh(1) man page is extremely useful in answering many of your questions and presenting many options to do so. You can also think about using tcp-wrappers. vmm. (I don't like answers things like "read the man page", but in this case no discussion would be so useful as reading the ssh(1) man page)
-- Original Message -- Reply-To: <rolandv () xtra co nz> From: "Roland Venter" <rolandv () xtra co nz> To: <security-basics () securityfocus com> Subject: Securing SSH Date: Sat, 10 Jan 2004 12:53:31 +1300 I need to manage several servers remotely via SSH, I'm interested in ways
to secure the connection and prevent unauthorised access. My thoughts: Limit access to only allow remote connections from our management network via iptables rules. Works b
t what if our ISP changes our fixed IP, which
means we are effectively locked out from all the servers and requires a site visit to update the rules. We also need to provide access to engineers working from home using dialup, etc Some sort of
lient certificates to supplement username and password,
Recommendations on securing the SSH daemon etc Any ideas and tips or random thoughts appreciated Cheers, Roland -------------------------------------------------------------
-------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and man
other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- Securing SSH Roland Venter (Jan 09)
- Re: Securing SSH security (Jan 12)
- Re: Securing SSH Jude Naidoo (Jan 12)
- RE: Securing SSH Vinicius Moreira Mello (Jan 12)
- Re: Securing SSH Kevin Saenz (Jan 12)
- RE: Securing SSH Ethan King (Jan 12)
- Re: Securing SSH Brian C. Lane (Jan 12)
- Re: Securing SSH Miles Stevenson (Jan 12)
- Re: Securing SSH Joerg Over Dexia (Jan 12)
- Re: Securing SSH Kaushik Mukherjee (Jan 13)
- Re: Securing SSH Luca Falavigna (Jan 13)
- <Possible follow-ups>
- RE: Securing SSH Shawn Jackson (Jan 14)