SSH Server Setup
- Paul McCullough (Unlicensed)
- Samuel Valdez (Unlicensed)
Owned by Paul McCullough (Unlicensed)
Since we are using cloud based resources we use key based SSH access to our linux servers.
We are using these ssh configurations
based loosely on these recommendations
- http://thinkhole.org/wp/2006/10/30/five-steps-to-a-more-secure-ssh/
- http://www.mysql-apache-php.com/ssh-attacks.htm
- http://samcaldwell.net/index.php/technical-articles/3-how-to-articles/39-how-do-i-secure-ssh-properly
We store all of our SSH users and their public keys in an internal secure location.
First, swith to root.
$ su - root ...
The sshd_config gets deployed to this path:
/etc/ssh/sshd_config
on each linux box.
Make sure no on has read/write on sshd_config except root.
chmod og-rw /etc/ssh/sshd_config chmod u+rw /etc/ssh/sshd_config
And be sure to restart the sshd server for the changes to take effect.
service sshd restart