Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
ssh [2009/03/19 12:34] a ssh chroot solution |
ssh [2009/07/23 15:33] 193.164.137.40 http://wiki.centos.org/HowTos/Network/SecuringSSH |
||
---|---|---|---|
Line 3: | Line 3: | ||
Links: | Links: | ||
* [[http:// | * [[http:// | ||
+ | * [[http:// | ||
===== banner in ssh ===== | ===== banner in ssh ===== | ||
Line 16: | Line 17: | ||
| | ||
- | ===== Creating SSH key ===== | ||
- | **DSA key** | ||
- | | ||
+ | ===== SSH and working with keys ===== | ||
+ | |||
+ | create your key | ||
+ | | ||
+ | copy your new key out to all the servers, and make ssh use it. | ||
+ | the mkdir below may fail if the directory exists, ignore the error its harmless | ||
+ | <code bash|> | ||
+ | for i in $(cat servers) ; do | ||
+ | echo SERVER=$; | ||
+ | scp ~/ | ||
+ | ssh $i "mkdir .ssh ; | ||
+ | chmod 700 .ssh ; | ||
+ | cat ~/ | ||
+ | chmod 644 / | ||
+ | done | ||
+ | </ | ||
====== How to harden your sshd ====== | ====== How to harden your sshd ====== | ||
Line 115: | Line 129: | ||
This document is free; you can redistribute it and/or modify it under the terms of the GNU GPL, see http:// | This document is free; you can redistribute it and/or modify it under the terms of the GNU GPL, see http:// | ||
+ | |||
+ | ===== Fail2Ban ==== | ||
+ | / | ||
+ | \\ | ||
+ | action = %(action_mw)s\\ | ||
+ |