Hardening & Securing SSH (Secure Shell)
Hello Elites,
Today I am here to share some useful tips regarding securing SSH(secure shell), So please be in this article to get the complete overview of it, So that I can write more such relevant articles.
So, basically what is SSH, How to secure SSH(secure shell) and why we secure SSH?
SSH, often called Secure Shell or Secure Socket Shell, it’s a network protocol that provides users, especially system administrators, with a secure way to access a computer across an unsafe network. SSH can also refer to a group of tools that carry out SSH operations.
SSH authenticates and encrypts every connection. SSH provides IT and Infosec professionals with a secure method for remotely managing SSH clients. An SSH client and server establish a connection without the need for password authentication because SSH authenticates the devices themselves.
Best way to grab the concept is with the SSH connection diagram between client and server :
The practice of securing SSH comes under the chapter of Security Hardening which suggests some preventive measures which are as follows:
Disabling Remote Authentication:
Steps to perform:
- Login to your Shell (debian/fedora/ubuntu/centos/redhat), Here I am using Ubuntu shell for the practical purpose.
- Navigate to the given location by using below command:
vim /etc/ssh/sshd_config
- Just disable the below option from the config file.
- Disable the default port i.e. 22 to something different, But remember, always avoid using the port 222.2222.22222.
- Proper verification must be done on using different port because of the port block issue.
3. Next just move down to the config file and edit the option “PermitRootLogin” as no.
4. Now, Moving on the next value, Change PasswordAuthentication parameter to yes.
5. After going through all the above steps just restart the service with the below command.
Systemctl restart sshd
Advantages of securing SSH:
- The use of encryption to enable secure information flow between the client and the server is SSH’s main benefit. Users can use SSH to run shell commands on a distant computer just like they would if they were in front of it physically.
- security control of network infrastructure parts.
- Secure file transfer sessions.
References:
You can read more about SSH and Securing SSH from here: https://www.ssh.com/academy/ssh/protocol
https://www.hostinger.in/tutorials/ssh-tutorial-how-does-ssh-work