...
We are using these ssh configurations
based loosely on these recommendations
...
We store all of our SSH users and their public keys in an internal secure location.
First, swith to root.
| Code Block |
|---|
$ su - root ... |
The sshd_config gets deployed to this path:
| Code Block |
|---|
/etc/ssh/sshd_config
|
on each linux box.
Make sure no on has read/write on sshd_config except root.
| Code Block |
|---|
chmod og-rw /etc/ssh/sshd_config
chmod u+rw /etc/ssh/sshd_config
|
And be sure to restart the sshd server for the changes to take effect.
| Code Block |
|---|
service sshd restart
|