This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Re: SSH OK, but...

Posted by: Anonymous [ip: 57.67.164.37] on January 28, 2008 11:29 AM
To add a best practice: I enabled ssh access, but for sftp only. Apart from all the low-hanging fruit as described above, I added some more restrictions but still fulfilling my demand. Interactive ssh access is not allowed. I also have set-up a chroot jail for the _only_ user allowed to login via ssh (key authentication only). As I am the only person logging in remotely, I am running the server on some arbitrary selected port number. This saves the system from automated login attempts from all over the world when it would have been running at port 22.

#

Return to Celebrity advice on keeping your Linux desktop secure