David Klann wrote:
New to the list, so please forgive unintentional netiquette transgressions...
Welcome :-)
<snip>
Discounting DoS or DDoS attacks, my solution to nefarious SSH attempts is threefold: 1) run sshd on a port other than 22 (I know, obscurity is not security...), 2) disable the root account (e.g., set the root password to '*' in /etc/shadow), and allow only sudo(1) access to privileged commands (this is the default on Ubuntu systems), and 3) disable password authentication in sshd_config and require all ssh users to log in using public key authentication.
Probably other things one can do, but I think this is a good first step.
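As an added example (not part of the original message), here is one way to check a host against the three measures listed above. The function names and sample inputs are constructed for illustration; the parser reads only the global section of sshd_config, does not follow Include directives, and assumes sshd's defaults of port 22 with password and public key authentication both enabled.

```python
import re
# Constructed sample inputs, not taken from the post.
SAMPLE_CONFIG = """\
Port 2222
PasswordAuthentication no
# the next line has no effect: sshd keeps the first value it reads
PasswordAuthentication yes
PubkeyAuthentication yes
"""
SAMPLE_SHADOW = "root:*:19000:0:99999:7:::\n"


def parse_sshd_config(text):
    """Return (ports, settings) from the global section of an sshd_config."""
    ports, settings = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "match":
            break  # assumption: conditional Match blocks are not audited
        if key == "port":
            ports.append(value)  # Port may be given several times
        else:
            settings.setdefault(key, value)  # first occurrence wins
    return ports or ["22"], settings


def root_password_locked(shadow_text):
    """True if root's shadow password field starts with '*' or '!'."""
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if fields[0] == "root" and len(fields) > 1:
            return fields[1].startswith(("*", "!"))
    return False


def audit(config_text, shadow_text):
    """List which of the three measures from the message are missing."""
    ports, settings = parse_sshd_config(config_text)
    checks = [
        ("22" in ports, "port 22 in use"),
        (not root_password_locked(shadow_text), "root password not locked"),
        (settings.get("passwordauthentication", "yes") != "no", "password authentication enabled"),
        (settings.get("pubkeyauthentication", "yes") != "yes", "public key authentication disabled"),
    ]
    return [message for failed, message in checks if failed]
```

On a real host the two arguments would be the contents of /etc/ssh/sshd_config and /etc/shadow, read with root privileges.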