1 |
On Monday 23 October 2006 13:21, Brian Davis wrote: |
2 |
> What do you folks do to harden SSHD? I'm looking for some pointers. |
3 |
> |
4 |
> Thanks, |
5 |
> Brian |
6 |
I'm not sure what you mean. I suppose you could make a chroot jail for ssh, |
7 |
except I'm assuming you want access to the real system... which you could run |
8 |
a separate server on a different port and use iptables to allow connection to |
9 |
that port only from a specific i.p. address.. |
10 |
|
11 |
The main thing I have noticed lately is the huge volume of brute-force |
12 |
attacks: |
13 |
|
14 |
Using DenyHosts is pretty much a necessity now. |
15 |
app-admin/denyhosts |
16 |
|
17 |
-Jason |
18 |
|
19 |
-- |
20 |
gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc |
21 |
-- |
22 |
gentoo-hardened@g.o mailing list |