On 01May2020 11:18, bruce <badouglas@xxxxxxxxx> wrote:
Looking through lots of online sites for making changes/mods to
sshd_config files to harden/secure the process.
Would it be cool to post the changes here for comment?
Yes.
Also, anyone have suggestions as well?
My initial steps are always:
- PermitRootLogin no
- PasswordAuthentication no
- AllowUsers just specific logins names here
- UseDNS no
The UseDNS one is only slightly security - by disabling DNS lookup of
incoming clients we (a) speed things up, particularly on high latency
links and (b) stop leaking information about who is connecting to use to
upstream DNS servers (from the DNS query).
Cheers,
Cameron Simpson <cs@xxxxxxxxxx>
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
