{"id":987,"date":"2014-04-29T09:06:15","date_gmt":"2014-04-29T09:06:15","guid":{"rendered":"http:\/\/scunster.co.uk\/?p=987"},"modified":"2014-04-29T09:06:15","modified_gmt":"2014-04-29T09:06:15","slug":"general-tips-for-helping-to-secure-ssh","status":"publish","type":"post","link":"https:\/\/scunster.co.uk\/?p=987","title":{"rendered":"General Tips for helping to secure SSH"},"content":{"rendered":"<p>There are guides on the site to cover most of these tips but this is just a quick checklist to help keep ssh \/ your server secure<\/p>\n<p>Run SSH on port other than 22 (Change in \/etc\/ssh\/sshd_config)<\/p>\n<p>Dis Allow root logon (ensure you can use su or sudo from the terminal first!)<br \/>\n(uncomment out #PermitRootLogin no in \/etc\/ssh\/sshd_config)<\/p>\n<p>Add message banner (<a href=\"http:\/\/scunster.co.uk\/?p=1031\" title=\"SSH Banner\">Config article here<\/a>)<br \/>\nIt is good prectice to announce that your server is private and that unauthorized access is not permitted)<\/p>\n<p>Only protocol SSH2 (Change in \/etc\/ssh\/sshd_config)<\/p>\n<p>Require public \/ private keys for access<\/p>\n<p>Remove password authentication \/ logon (Check your public \/ private keys allow you access first!)<br \/>\n(<a href=\"http:\/\/scunster.co.uk\/?p=1031\" title=\"SSH Banner\">Config article here, uncomment out the last three lines on that page from \/etc\/ssh\/sshd_config<\/a>)<\/p>\n<p>Only permit specific user(s) (add each user with the AllowUsers directive in \/etc\/ssh\/sshd_config)<\/p>\n<pre>AllowUsers john<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>There are guides on the site to cover most of these tips but this is just a quick checklist to help keep ssh \/ your server secure Run SSH on port other than 22 (Change in \/etc\/ssh\/sshd_config) Dis Allow root logon (ensure you can use su or sudo from the terminal first!) (uncomment out #PermitRootLogin [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,171],"tags":[],"class_list":["post-987","post","type-post","status-publish","format-standard","hentry","category-linux","category-security-linux"],"_links":{"self":[{"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/987","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=987"}],"version-history":[{"count":2,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/987\/revisions"}],"predecessor-version":[{"id":1042,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/987\/revisions\/1042"}],"wp:attachment":[{"href":"https:\/\/scunster.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=987"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=987"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/scunster.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}