sshd port config and security

To: debian-security@lists.debian.org
Subject: sshd port config and security
From: Vinh Truong <vtruong@enteract.com>
Date: Fri, 6 Apr 2001 10:31:27 -0500
Message-id: <20010406103127.A12998@enteract.com>

I have sshd set up on my machine at home.  Instead of the default port
22, I uninstalled telnetd and run sshd on 23.  I do this mostly because
I want to ssh into my machine from work where they don't open port 22 on
the firewall.  They do however allow telnet to the outside.  I have
commented out everything in inetd.conf, set up hosts.allow / hosts.deny 
so that only specific ips can connect.  I made sure using netstat -an
that only port 23 was open.  I set up my hardware firewall to block all
requests except for ones coming on 23.  For those, it is redirecting to
my debian machine.  I configured sshd to allow only RSA key
authentication and disabled root login.  I also increased the host key
size to 1024.

Is there anything else I can do to harden my setup, either on the
firewall or on the server?

TIA
Vinh

Reply to:

Follow-Ups:
- Re: sshd port config and security
  - From: "Karl E. Jorgensen" <karl@jorgensen.com>
- Re: sshd port config and security
  - From: Jean-Marc Boursot <jmb@ankeo.org>

Prev by Date: Re: empty log files
Next by Date: Re: empty log files
Previous by thread: Re: empty log files
Next by thread: Re: sshd port config and security
Index(es):
- Date
- Thread