Skip to content

Instantly share code, notes, and snippets.

@floudet

floudet/ssh-security-best-practices.md

Last active January 15, 2023 15:48
Show Gist options
  • Save floudet/34c24d2a86cf1536e7c0dc43f6fb2314 to your computer and use it in GitHub Desktop.
Save floudet/34c24d2a86cf1536e7c0dc43f6fb2314 to your computer and use it in GitHub Desktop.
Download ZIP
SSH Security Best Practices
Raw
ssh-security-best-practices.md

SSH Security Best Practices

On /etc/ssh/sshd_config:

  1. Disable Root Logins

Best: PermitRootLogin no
Good: PermitRootLogin without-password (requires PubkeyAuthentication yes)

  1. Limit user Logins
AllowUsers alice bob
  1. Disable Protocol 1
Protocol 2
  1. Use a Non-Standard Port
Port 2345
  1. Use Public/Private Keys for Authentication
PubkeyAuthentication yes

Disable password authentication forcing use of keys:

PasswordAuthentication no

Source: https://wiki.centos.org/HowTos/Network/SecuringSSH

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment