In my office I set up my PC as an SSH server; that is, I opened TCP port 22 in the firewall and had sshd running.
Just that I get tons of attack attempts a day. I have super-strong passwords, so none of those attacks has been successful so far, but I would still like better protection because I have a lot of personal information on that machine that needs to be protected.
I am the only person who needs to log in (from home), so I would like to have the SSH service allowed only to me and nobody else.
I cannot find clear explanations anywhere about how to do this.
I use the default built-in firewall, openSUSE 11.
At home I have DHCP, but my IP address has not changed in months, so I could also set restricted authentication based on IP address.
In some cases, however, they might run some port-scan tools to catch ports on which some services are running, and in that case they would still attempt to log in on that port…
But if I can find a way to allow only one user, then I will also move sshd to another port.
Hi
Most of them are just looking at the standard ports <1024; it would take
them a long time to scan all 65K.
Generate a host key and use that (see man sshd), and change the port
from time to time, but I think you will notice a big difference if you
change the port sshd is running on.
Also make sure your config only uses protocol 2, allows no root login, and
disables any motd/banner etc.
–
Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.0 x86 Kernel 2.6.25.18-0.1-default
up 1 day 3:43, 1 user, load average: 0.48, 0.47, 0.42
GPU GeForce 6600 TE/6200 TE - Driver Version: 177.80
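As an added example (not part of the thread and not any poster's own configuration): a small shell check for the settings the reply above lists (non-default port, protocol 2 only, no root login, no motd) plus the one-user restriction the question asks for. It assumes the `AllowUsers user@host` form of sshd_config as the way to pin one account to one source address; the sample configs, the user name `alice`, port 49222 and the address are constructed.

```shell
#!/usr/bin/env bash
# Added example: audit sshd_config text for the hardening points in this thread.
# Real use: audit_sshd_config < /etc/ssh/sshd_config

# value CFG KEYWORD -> first uncommented value (keywords are case-insensitive).
# Only the first occurrence is inspected, even for keywords that may repeat.
value() {
    printf '%s\n' "$1" | awk -v k="$2" 'BEGIN { k = tolower(k) }
        /^[ \t]*#/ { next }
        tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }'
}

# Reads the config on stdin, prints one line per finding,
# returns 0 when clean and 1 when anything was flagged.
audit_sshd_config() {
    local cfg n=0 v
    cfg=$(cat)
    v=$(value "$cfg" Port)
    [ -n "$v" ] && [ "$v" != 22 ] || { echo "Port: still on default 22"; n=1; }
    # Protocol matters on older OpenSSH such as the release in this thread;
    # current releases no longer offer protocol 1.
    [ "$(value "$cfg" Protocol)" = 2 ] || { echo "Protocol: not pinned to 2"; n=1; }
    [ "$(value "$cfg" PermitRootLogin)" = no ] || { echo "PermitRootLogin: not 'no'"; n=1; }
    [ "$(value "$cfg" PrintMotd)" = no ] || { echo "PrintMotd: not 'no'"; n=1; }
    v=$(value "$cfg" AllowUsers)
    case $v in
        "")  echo "AllowUsers: not set, any account may try to log in"; n=1 ;;
        *@*) ;;   # user@host pattern: account pinned to a source address
        *)   echo "AllowUsers: no @host part, any source address accepted"; n=1 ;;
    esac
    return "$n"
}

# Constructed samples; user name, port and address (TEST-NET-3) are made up.
WEAK_CFG='#Port 22
PermitRootLogin yes
Protocol 2,1'
HARDENED_CFG='Port 49222
Protocol 2
PermitRootLogin no
PrintMotd no
AllowUsers alice@203.0.113.17'

echo "== weak ==";     printf '%s\n' "$WEAK_CFG" | audit_sshd_config || true
echo "== hardened =="; printf '%s\n' "$HARDENED_CFG" | audit_sshd_config && echo "no findings"
```

The non-zero return on findings lets the check gate a deployment script before sshd is restarted with a new config.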
Yes, as long as you don’t give it out. Again, change it on a random basis
just like the ports and y’all should be “Happy as a pig in the
sunshine” (as an ex-pat New Zealander, you have to love these southern
sayings).
–
Cheers Malcolm °¿° (Linux Counter #276890)