• Recent blogs

    How to Restrict Access to SSH Connections

     The Secure Shell (SSH) allows protected, encrypted communication with other systems. As SSH is an entry point into the system, disable it if it is not required. Alternatively, we can make it more secure by restricting its use. To do that edit the /etc/ssh/sshd_config file.

    Disable Root Login:

    For example, the following setting does not allow root to log in using SSH:

    PermitRootLogin no

    By default  root login is disabled in Linux distros, But if its not you can do the above changes and Restart sshd daemon.

     Allow/Deny Users

    You can restrict remote access to certain users and groups by specifying the AllowUsersAllowGroupsDenyUsers, and DenyGroups settings, for example:

    DenyUsers carol dan
    AllowUsers alice bob

    Automatic timeout

    The ClientAliveInterval and ClientAliveCountMax settings cause the SSH client to time out automatically after a period of inactivity, for example:

    # Disconnect client after 300 seconds of inactivity
    ClientAliveCountMax 0
    ClientAliveInterval 300

    After making changes to the configuration file, restart the sshd service for your changes to take effect.

    # systemctl restart sshd

    No comments