Five-Minutes to a More Secure SSH

Let’s face it, there entirely too many OpenSSH server installs that are not as secure as we like to believe. Well, it took a blog post to address this and address it clearly they have.

Here is a quick way to drastically improve the security of your OpenSSH server installations. Apart from past flaws in the OpenSSH daemon itself that have allowed remote compromise (very rare), most break-ins result from successful brute-force attacks. You can see them in your firewall, system or auth logs, they are an extremely common form of attack. Here is an excerpt from the /var/log/messages file on a CentOS Linux box (the attacking hostname has been obfuscated). You can see multiple attempts to login as users root and ftp. Also note the time between repeated attempts - one second or less, much too quick to be a human. This is an automated attack…. Geek Pit

[tags]openssh,secure ssh,server installations,centos linux[/tags]