From: Chris Koeritz Date: Tue, 2 Jun 2020 13:52:57 +0000 (-0400) Subject: added note for tighter sshd config X-Git-Tag: 2.140.134~20^2~5 X-Git-Url: https://feistymeow.org/gitweb/?a=commitdiff_plain;h=db0f653f4eb35bf78fba6204ccaa1860da4c7dcd;p=feisty_meow.git added note for tighter sshd config --- diff --git a/infobase/configuration/ssh/mods_for_etc_sshd_config.txt b/infobase/configuration/ssh/mods_for_etc_sshd_config.txt new file mode 100644 index 00000000..322fdbac --- /dev/null +++ b/infobase/configuration/ssh/mods_for_etc_sshd_config.txt @@ -0,0 +1,17 @@ + +to increase security on an sshd server, and assuming you have +registered your ssh keys ahead of time in authorized_keys, then +this bit goes in /etc/sshd_config (at the end works fine): + +############## + +# fred mods 2019-02-19: +# trying to keep intruders out... this disables password logins. +# also of course disables root logins, which should already have been done. +PermitRootLogin no +ChallengeResponseAuthentication no +PasswordAuthentication no +UsePAM no + +############## +