[clue-tech] Protecting against the ssh hack
Ken MacFerrin
lists at macferrin.com
Mon Sep 25 20:46:44 MDT 2006
Jack Parker wrote:
> Way cool. Works perfectly. Console can login as root, ssh cannot. I like
> that it acts as though it's just a bad passwd.
>
> j.
>
> -----Original Message-----
> From: clue-tech-bounces at cluedenver.org
> [mailto:clue-tech-bounces at cluedenver.org]On Behalf Of adam bultman
> Sent: Monday, September 25, 2006 10:09 PM
> To: CLUE tech
> Subject: Re: [clue-tech] Protecting against the ssh hack
>
> Restricting root login can be done in 'sshd_config', which should be
> somewhere around /etc/ssh/ . Change PermitRootLogin or whatever to
> 'No', and restart sshd.
>
>
For a machine with a limited number of users, I prefer to take this a
step further and "whitelist" only the specific users that I want to
allow SSH access:
# /etc/ssh/sshd_config
PermitRootLogin no
AllowUsers user1 user2 user3
-Ken
More information about the clue-tech
mailing list