Linux Security
    Linux Security
    Linux Security

    On secure-shell security

    Date 28 Aug 2020
    684
    Posted By Brittany Day
    LS Hmepg 337x500 13

    It is 2020, and we can say for sure, that ssh-server is still one of the most popular services on Linux systems. During various meetings, I was often asked: How to secure SSH?  Even though this question seems trivial, it is not. There are a lot of things to remember to accomplish well-designed service security.

     

    Secure shell is used not only for a remote-shell, per se. Many other technologies depend on it, for various reasons. For example:

    • Git to download and push the code. ​[1]​
    • Ansible to apply tasks. ​[2]​
    • Cloudera for installation procedures. ​[3]​
      (Do not ask us, we do not understand it too.)  

    I have decided to answer the above question once and forever, and always refer to this document, trying to keep it up-date and consistent with current security practices. The purpose of this post is to answer the question: How to secure SSH? It is a comprehensive document for infosec and devops teams, that will guide them through all known best-practices and hardening rules.

    Thanks to Kamil Zabielski (This email address is being protected from spambots. You need JavaScript enabled to view it.) for submitting this article.

    Advisories

    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/45-i-agree-with-linus-torvalds-apple-s-new-m1-powered-laptops-should-run-on-linux?task=poll.vote&format=json
    45
    radio
    [{"id":"158","title":"True","votes":"14","type":"x","order":"1","pct":2.76,"resources":[]},{"id":"159","title":"False","votes":"493","type":"x","order":"2","pct":97.24,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.