Differences

This shows you the differences between two versions of the page.

--- ssh [2009/03/19 12:34]
a ssh chroot solution
+++ ssh [2009/07/23 15:33]
193.164.137.40 http://wiki.centos.org/HowTos/Network/SecuringSSH
@@ Line 3: / Line 3: @@
 Links:
    * [[http://www.howtoforge.com/chrooted-ssh-sftp-tutorial-debian-lenny|Chrooted SSH/SFTP Tutorial (Debian Lenny) ]]
+   * [[http://wiki.centos.org/HowTos/Network/SecuringSSH|Securing SSH (CentOS wiki)]]
 ===== banner in ssh =====
@@ Line 16: / Line 17: @@
    *********************************************
-===== Creating SSH key =====
-**DSA key**
-   ssh-keygen -t dsa
+===== SSH and working with keys =====
+create your key
+   ssh-keygen -t dsa
+copy your new key out to all the servers, and make ssh use it.
+the mkdir below may fail if the directory exists, ignore the error its harmless
+<code bash|>
+for i in $(cat servers) ; do
+echo SERVER=$;
+scp ~/.ssh/id_dsa.pub $i
+ssh $i "mkdir .ssh ;
+chmod 700 .ssh ;
+cat ~/id_dsa.pub >> ~/.ssh/authorized_keys ;
+chmod 644 /.ssh/authorized_keys;"
+done
+</code>
 ====== How to harden your sshd ======
@@ Line 115: / Line 129: @@
 This document is free; you can redistribute it and/or modify it under the terms of the GNU GPL, see http://www.gnu.org/copyleft/gpl.html .  There is NO WARRANTY.
+===== Fail2Ban ====
+  /etc/fail2ban/jail.conf\\
+\\
+      action = %(action_mw)s\\