How to protect SSH security in Linux

In Linux systems, the importance of SSH cannot be underestimated. Its encrypted communication function ensures the security of data transmission, while multiple authentication methods can effectively prevent unauthorized access.

Establish secure communication links end-to-end securely to prevent data leakage.

The administrator implements flexible access control through SSH, restricting login users and IP addresses.

SSH also has auditing and logging functions, which can record user activities, allowing administrators to regularly review logs, monitor the security of the system, and detect any abnormal behavior in a timely manner.

These security features work together to ensure the overall security of the system.

10 configuration methods are as follows

• 1. Disable Root login
  • Edit SSH configuration file: /etc/ssh/sshd_config
  • Settings PermitRootLogin no
  • Restart SSH service: sudo systemctl restart sshd
• 2. Use SSH key authentication
  • Generate key pair: ssh-keygen
  • Copy the public key to the server: ssh-copy-id user@hostname
• 3.Change SSH port
  • Edit SSH configuration file: /etc/ssh/sshd_config
  • Change Port 22 to another port
  • Restart SSH service: sudo systemctl restart sshd
• 4. Restrict login users
  • Edit SSH configuration file: /etc/ssh/sshd_config
  • Add a list of allowed login users: AllowUsers username1 username2
  • Restart SSH service: sudo systemctl restart sshd
• 5. Configure SSH access control
  • Use tcp_wrappers or firewall to configure access control
• 6. Enable login check
  • Edit SSH configuration file: /etc/ssh/sshd_config
  • Settings LoginGraceTime 30s Detect login timeout
  • Restart SSH service: sudo systemctl restart sshd
• 7. Use a firewall
  • Enable firewall, such as iptables or ufw
• 8.Limit the number of attempts
  • Edit SSH configuration file: /etc/ssh/sshd_config
  • Add MaxAuthTries 3 Limit the number of attempts
  • Restart SSH service: sudo systemctl restart sshd
• 9.Use TCP Wrapper
  • Edit /etc/hosts.allow and /etc/hosts.deny File Configuration Access Control
• 10. Monitor SSH logs
  • View and monitor /var/log/auth.log or /var/log/secure log files to detect abnormal login behavior

Be sure to back up the configuration files before making any changes to the SSH server in case something goes wrong.

The above is the detailed content of How to protect SSH security in Linux. For more information, please follow other related articles on the PHP Chinese website!