SSH – Can It Be More Secure?
Posted: 17 March 2013 Filed under: Linux, Security, Slackware | Tags: remote login, RSA key pairs, security, Slackware Documentation Project, ssh 4 CommentsYes, actually. There are ways to harden your ssh implementations that aren’t that difficult.
An example of a simple way to increase your security when using ssh is to utilize the public/private key security rather than using your remote system’s user passwords to access the device. By using RSA key pairs, you can initialize your remote connection without ever having to expose your remote login’s password to the transfer at all.
I recently reinstalled my Slackware on my main machine (It’s a long story for another time, maybe). One of the things I needed to do was to reestablish my ssh connections between the machines on my local network. I settled in this evening to do just that. I ended up having some laughable issues while attempting to get all my machines talking again. We won’t go there, though.
In the process of troubleshooting my issues with ssh, I ran across Noryungi‘s excellent how-to at the Slackware Documentation Project. This place is really shaping up, no thanks to me. I haven’t been too active there because of my other pursuits lately. However, the dedicated folks who contribute there on a regular basis are kicking ass!
Anyway, using this tutorial, I easily set all three of my machines to use RSA public/private key exchange to initiate my ssh connections. I don’t have to sling my user’s passwords around the Ether anymore. Now anyone sniffing packets will only see the public RSA key bouncing around.
Ain’t technology wonderful? ๐
Well, back to studying tomorrow. My Cisco ICND2/CCNA examination is rapidly approaching. Gotta’ go study up on those pesky routing protocols before bedtime.
Later,
~Eric
Those are great things for sure. But still need to do two other things:
1. Change from the Standard port 22 to different port maybe in the user ports area
http://linuxlookup.com/howto/change_default_ssh_port
2. Disable Root Logins
http://www.howtogeek.com/howto/linux/security-tip-disable-root-ssh-login-on-linux/
Yup. Already had that done long ago. ๐
[…] Yes, actually. There are ways to harden your ssh implementations that aren't that difficult. An example of a simple way to increase your security when using ssh is to utilize the public/private key… […]
[…] SSH โ Can It Be More Secure? […]