Simple SSH policy protection for exposed hosts

Others 2021-04-01 14:44:03 views: null

Linux exposed host SSH simple strategy protection

1. Modify the default port of the ssh service

The default port of the ssh service is 22, and ordinary malicious users often scan or try to connect to port 22. So the first step is to modify this default port.
Open /etc/ssh/sshd_config, find
Port 22
and then modify 22 to other unoccupied ports, such as 1022. It is best to be between 1-1024 to prevent port conflicts with user processes.
Then restart sshd

sudo /etc/init.d/ssh restart

2. Limit IP

First modify the /etc/hosts.allow file and add the client IP that can access the server's ssh service into it, the format is as follows

sshd:192.168.1.0/255.255.255.0
sshd:172.16.0.0/16
sshd:114.114.114.114

Then modify the /etc/hosts.deny file, add to disable other clients to connect to the ssh service

sshd: ALL

3. Check the login log

View log

more /var/log/secure

View successful login

who /var/log/wtmp

Guess you like

Origin blog.csdn.net/lswzw/article/details/108992137

Simple SSH policy protection for exposed hosts

App Information Protection Compliance Review (Personal Information Protection Policy)-Translation

Apple retail store "secret" policy exposed: reward polite customers?

Use GPO (Group Policy Object) to batch control hosts in the domain

Use different SSH keys for different hosts

ENSP firewall basic policy (web, ssh login)

Add a firewall policy to the Mysql service, it's that simple

Simple example of Huawei policy routing/GRE/NAT

ssh framework and simple implementation

Allow or disallow ssh or telnet operations by configuring hosts.allow and hosts.deny files

Supplementary known_hosts file on the directory under .ssh

Secret-free configuration script between ssh hosts

SSH password-free login between Ubuntu 16.04 hosts

Bulk distribution of ssh public keys on remote hosts using ansible

An interactive tool for monitoring remote hosts via SSH - rtop

System security protection, configuring user environment, configuring advanced connections, firewall policy management

Use SSH port forwarding to achieve remote access to network hosts Remote Desktop (a) establish SSH forwarding

Socket simple implementation of ssh notes

Simple implementation element form validation policy-based mode

AWS Associate Architect Certification Training Practical Exercises | Routing Policy - Simple

REST API using OAuth protection and use simple Angular client

How to remove the write protection of U disk? Share 3 simple methods!

How to make standard lightning protection grounding grid and simple grounding grid

Use SSH port forwarding to achieve remote access to network hosts Remote Desktop (B) dense-free SSH login

6-0 build centos7 in vm start ssh set static ip install jdk exposed port

SSH simple remote login + download files from the server via SSH

Ubuntu installs and starts the ssh service, and the simple use of ssh

Recommended

Ranking

C # program structure (study notes 01)

Data center hosting solutions

글로벌R&D센터 시티특별컨설팅 연구팀이 기린시큐리티를 방문하여 점검 및 안내를 받았습니다.

零基础学java的最佳学习方法和最全java知识大纲(含50G学习资料)

Nginx push pull stream flow --- demand broadcast

Design Patterns: Study Notes (13) - Strategy Mode

10 Cases of White Wolf with Empty Gloves: Make Big Money for Yourself Without Spending a Penny

[Learn PMP with questions] [4.4] Monitor project work

Relations and differences between C and C ++ | CC ++ language 0

How to manually uninstall Teenking

Daily

2024-06-07(0)

2024-06-06(0)

2024-06-05(0)

2024-06-04(0)

2024-06-03(1)

2024-06-02(0)

2024-06-01(1)

2024-05-31(1)

2024-05-30(0)

2024-05-29(1)