SSH is a great tool to have when you need remote access to a server, and it is naturally more secure than other methods, such as Telnet. Nevertheless, you should still take care to make sure your OpenSSH server is as secure as possible. Here are two tips to get you started:
1. Only use protocol 2. SSH-1 was known to have some security issues. On most servers, it should already be set to two, but it doesn’t hurt to check. Open /etc/ssh/ssh_config and make sure the following line is there:
Protocol 2
2. Allow or Deny specific users. Sometimes, you know exactly who to trust and who not to trust with SSH access. If you do, you can specify those users in your config file. For example, to allow only root, marshall, and bob to have access:
AllowUsers root marshall bob
To deny jake, rene, and xander:
DenyUsers jake rene xander
In part 2, we will discuss some other ways to secure your OpenSSH server. Check back soon.