02--OpenSSH2

OpenSSH optimization

1. Do not use the default port

2. Prohibit the use of protocol version 1

3. Limit which users can log in

  man sshd_config

    AllowUsers user1 user2 user3 // user whitelist

    AllowGroups // group whitelist

    DenyGroups // group blacklist

    DenyUsers // user blacklist

vim /etc/ssh/sshd_config
AllowUsers root test
/etc/init.d/sshd reload

4. Set an idle session timeout

5. Use a firewall (iptables) to set access policies for ssh

6. Listen only on specific IP addresses

7. When using password-based authentication, use a strong password policy

  Generate a random password string:

tr -dc A-Za-z0-9 < /dev/urandom | head -c 30 | xargs

8. Using password-based authentication

9. Prohibit the use of blank passwords

10. Prohibit direct login by the root user

11. Limit the frequency of ssh access and the number of concurrent connections

12. Keep good logs and analyze them regularly
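
A way to check a server against items 1, 3, 4, 6, 9 and 10 of the list, added here as an example and not part of the original post. It reads the effective configuration in the format printed by `sshd -T`; the function name `audit_sshd` and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Audit `sshd -T` output (lowercase "keyword value" lines) read from stdin.
# Prints one FAIL line per finding; returns non-zero if anything failed.
audit_sshd() {
    awk '
    function bad(msg) { out = out "FAIL item " msg "\n"; n++ }
    $1 == "port" && $2 == 22 { bad("1: default port 22") }
    $1 == "allowusers" || $1 == "allowgroups" { allow = 1 }
    $1 == "clientaliveinterval" { idle = $2 + 0 }
    $1 == "listenaddress" && ($2 ~ /^0\.0\.0\.0:/ || $2 ~ /^\[::\]:/) {
        bad("6: listening on all addresses " $2)
    }
    $1 == "permitemptypasswords" && $2 != "no" { bad("9: blank passwords allowed") }
    $1 == "permitrootlogin" && $2 != "no" { bad("10: root login is " $2) }
    END {
        if (!allow) bad("3: no AllowUsers/AllowGroups whitelist")
        if (!idle)  bad("4: ClientAliveInterval is 0, no idle timeout")
        printf "%s", out
        exit (n > 0)
    }'
}

# Constructed sample: an unhardened server.
sample_weak() {
    cat <<'EOF'
port 22
listenaddress 0.0.0.0:22
listenaddress [::]:22
permitrootlogin yes
permitemptypasswords no
clientaliveinterval 0
EOF
}

# Constructed sample: after applying the list (address and port are placeholders).
sample_hardened() {
    cat <<'EOF'
port 2222
listenaddress 192.0.2.10:2222
permitrootlogin no
permitemptypasswords no
clientaliveinterval 300
allowusers test
EOF
}

sample_weak | audit_sshd || true      # prints six FAIL lines
sample_hardened | audit_sshd && echo "hardened sample: OK"
# On a real host (as root): sshd -T | audit_sshd
```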

Origin www.cnblogs.com/BurnovBlog/p/10988666.html