TuxTraining

SSH is one of the most secure communication methods we have. It’s encrypted, and even the passwords can’t be sniffed. But it’s not invincible. Weak passwords can be brute forced and open ports invite automated bots looking for that open port 22. But there’s a number of ways we can harden our ssh server.

Note: Ubuntu, Mint, Linspire, and Debian Readers, please read this regarding an OpenSSL Vulnerability:

• http://www.ubuntu.com/usn/usn-612-2
• http://wiki.debian.org/SSLkeys

(more…)

Related Reading:

1. Linux to Linux Key Based SSH
2. Preventing Brute Force Attacks With Fail2ban

To cover a few more loose ends on the access to the ssh service running on your machine I would suggest editing your host files to properly reject connections. In this following tutorial we’re going to cover locking down ssh without installing any extra applications.

(more…)