On secure-shell security
It is 2020, and we can say for sure, that ssh-server is still one of the most popular services on Linux systems. During various meetings, I was often asked: How to secure SSH? Even though this question seems trivial, it is not. There are a lot of things to remember to accomplish well-designed service security.
Secure shell is used not only for a remote-shell, per se. Many other technologies depend on it, for various reasons. For example:
- Git to download and push the code. [1]
- Ansible to apply tasks. [2]
- Cloudera for installation procedures. [3]
(Do not ask us, we do not understand it too.)
I have decided to answer the above question once and forever, and always refer to this document, trying to keep it up-date and consistent with current security practices. The purpose of this post is to answer the question: How to secure SSH? It is a comprehensive document for infosec and devops teams, that will guide them through all known best-practices and hardening rules.
Thanks to Kamil Zabielski (
The link for this article located at Sysdogs is no longer available.