Security Basics mailing list archives

Re: Securing SSH

From: Kevin Saenz <ksaenz () spinaweb com au>
Date: Sun, 11 Jan 2004 18:16:51 +1100

Roland,

I need to manage several servers remotely via SSH, I'm interested in ways to
secure the connection and prevent unauthorised access.

SSh is one of the most secure protocols. from memory openSSh
vulnerabilities are usually closed within 24 hours of their discovery.
But if you are VERY paranoid with such a protocol why don't you
implement VPN technology do not implement IPSec with aggressive mode as
it is insecure.

Some sort of client certificates to supplement username and password,

SSh uses keys logon. you wouldn't need a password you just ssh to the
box with your user id and transfer the key for identification.

Recommendations on securing the SSH daemon etc

go to openssh.org





---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------

Current thread:

Securing SSH Roland Venter (Jan 09)
- Re: Securing SSH security (Jan 12)
- Re: Securing SSH Jude Naidoo (Jan 12)
- RE: Securing SSH Vinicius Moreira Mello (Jan 12)
- Re: Securing SSH Kevin Saenz (Jan 12)
- RE: Securing SSH Ethan King (Jan 12)
- Re: Securing SSH Brian C. Lane (Jan 12)
- Re: Securing SSH Miles Stevenson (Jan 12)
- Re: Securing SSH Joerg Over Dexia (Jan 12)
  - Re: Securing SSH Kaushik Mukherjee (Jan 13)
- Re: Securing SSH Luca Falavigna (Jan 13)
- <Possible follow-ups>
- RE: Securing SSH Shawn Jackson (Jan 14)