I consider most of these steps pretty paranoid, since ssh is pretty
secure in the first place (at least the current version anyways).
Besides the things mentioned by other people:
Do you have physical security?
BIOS and GRUB/LILO passwords might help the casual physical attack
Have only the required ports open, use nmap to verify (locally and
remotely).
You are fully patched right?
All non-used user accounts closed
All open accounts have NULL passwords (use ssh-keys for access)
Do you have backups?
Are they secure as well.
Do you need encrypted swap?
Encrypted FS?
On Fri, Aug 01, 2003 at 11:50:41AM -0700, Daniel Hurt wrote:
>
> I know the title is kind of redundant, but I was curious if there is
> anything beyond these couple of steps that I have taken to secure ssh?
>
> First I have edited the /etc/securetty to contain only these entries:
> tty1
> tty2
> tty3
> tty4
> tty5
> tty6
>
> This is to allow root to login from the local console only. I have also
> edited the sshd_conf file to disallow root logins. This box is sitting
> behind a router that only has port 22 forwarded to this machine and I have
> setup the router so that it does not respond to ping request from the
> outside world. The final thing, I could think of is to set hosts.allow to
> the certain IP�s that I might connect from, but I would like to connect
> from anywhere to this machine. Is there anything else that I might
> consider to help keep the machine secure?
> _______________________________________________
> vox-tech mailing list
> [EMAIL PROTECTED]
> http://lists.lugod.org/mailman/listinfo/vox-tech
--
Bill Broadley
Mathematics
UC Davis
_______________________________________________
vox-tech mailing list
[EMAIL PROTECTED]
http://lists.lugod.org/mailman/listinfo/vox-tech
