Server Security – Passwordless Remote Login

Based on some recent experience do not ever allow password remote login. There are two things you chould apply to your ssh server. Implement a RSA key login, and implement fail2ban. Fail2ban will modify iptables (firewall) to block the ip address of offending attempts to connect. It will do so for your apache, ssh, ftp, and other servers. It is a separate program, not a wrapper, and it monitors log files for login attempts. You set the max login attempts (fails) in the jail.conf file in /etc/fail2ban. The combination of RSA keys and fail2ban will ensure a secure and accessible system, which is a must of the system is to be open to outside internet connections.

A previous post about fail2ban

Tags: accessible system, ban, login, login attempts, rsa, rsa keys, ssh, ssh ftp, ssh server, System

This entry was posted by nseidm1 on January 24, 2010 at 4:15 pm, and is filled under Server, fail2ban, login, remote, rsa, security, ssh. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site.

Related Posts
Comments (0)

No comments yet.

No trackbacks yet.

VirtualBox Manager Pro – UI Updates and Stability

May 23, 2010 - 10:25 am

Tags: app, depth, dialog boxes, host, host port, key keys, password, public keys, ssh server, virtualbox
Posted in Manager, enhancements, key, linux, notification, password, pro, ssh, toast, virtualbox | No comments

I have added a variety of user interface updates to the pro version. In addition to the toast popups actual notifications add a sence of feedback and depth to the program. I want the program to feel that its actually aware of what you are doing and processing interactions accordingly. I feel with recent enhancements [...]

Jsch on Android

May 9, 2010 - 9:07 am

Tags: correct syntax, dependency, device, internal storage, jsch, password, ssh, ssh command, ssh connections, storage location
Posted in Android, java, jsch, password, rsa, ssh | No comments

Jsch works on android. With the only dependency, jzlib, satisfied the java based implementation of ssh is beginning to code relatively straight forward. After many days of trial and error the correct syntax to the commands, and the methods of particular classes are beginning to make sense. Password login is relatively straight forward, and with [...]

Fstab – Manual Mounting and Udev Auto

March 7, 2010 - 9:26 am

Tags: automount, cd iso, fstab, iso, iso images, linux distributions, samba shares, System, udev
Posted in fstab, mount, udev | No comments

Modern Linux distributions use udev which automount partitions to the system. This is most notably seen with usb device that are the predominant hot swappable media. Internal hard drives, particularly drives that are used to boot the system, have their mount points defined in the fstab file. Fstab is automatically generated during the Debian/Ubuntu installation [...]

SSH – Gateway Ports and Forward Reverse Tunnels

February 27, 2010 - 9:42 am

Tags: client, client location, connection, encrypted connection, gateway, gateway ports, option, ssh, ssh connection, ssh connections
Posted in .forward, client, gateway, host, port, reverse, ssh, tunnel | No comments

SSH can create forward and reverse tunnels to transmit port data through the encrypted connection. You can create forward tunnels that link the local port of the client machine to the remote port on the server. You can create reverse tunnels that link the remote ports of the server to the local ports on the [...]

SSH X Forwarding with Compression

February 13, 2010 - 4:39 pm

Tags: c option, Compression, compression quality, connection, internet, slow internet connection, slow internet connections, ssh, ssh sessions, xtightvncviewer
Posted in Compression, quality, speed, ssh, xtightvncviewer | No comments

If you plan to forward X applications via ssh, and are using a very slow internet connection you should definitely use compression. The “-C” option will use compression and will substantially increase the data transfer rate in 100 Kb/s or less internet connections. Also with vnc connection, if you are using xtightvncviewer you can effectively [...]

Sendmail – Critical to Receive System Alerts

February 10, 2010 - 9:02 am

Tags: default sendmail, email, external mail server, forward works, local ip, mail, relay mail, Sendmail, System, user
Posted in .forward, Sendmail, access, alert, aliases, home, user | No comments

Image via Wikipedia The core of Linux is designed to mail, at minimum, the root user of various system alerts. With sendmail installed these alerts are mailed to the respective user directory. If you have an external mail server you can configure your local user mail to be forwarded to any email address. The easiest [...]

SSH Login Timeout – Password Authentication

February 6, 2010 - 9:42 am

Tags: automatic mechanisms, brute force, dictionary, force, legitimate user, login, ssh, timeout, timeouts, user
Posted in brute, force, login, ssh, timeout | 1 comment

SSH login timeouts are not very effective at preventing unauthorized login attempts. Most ssh attacks are scripted attached launched by automatic mechanisms. The scripts most likely will use dictionary based brute force attacks that insert the password very quickly. Setting the login timeout very low will most likely not prevent such scripted attacks, and will [...]

Sshd_config Settings Rundown

February 3, 2010 - 12:38 pm

Tags: change, internet, login, login attempts, password, port, port 22, pound symbol, root login, ssh login
Posted in iptables, login, root, rsa, setting, sshd, tcp | No comments

Image via Wikipedia First change the port you are using. Do not use port 22 on servers that have internet connectivity. This is the first port that will be checked by countless robots searching the internet for vulnerabilities. Change the port to whatever, and then use the -p option in your ssh login attemt. Then [...]

Auth.log in Debian Systems

February 2, 2010 - 12:13 pm

Tags: auth, connection, connection attempts, cron, crontab command, force, mail servers, root mail, security countermeasures, ssh
Posted in auth, cron, crontab, debian, log, ssh | 1 comment

Image via Wikipedia Your auth.log file is the first step in determining of an intrusion is being attempted, or has occured. It logs all ssh connection attempts, cron jobs, and su calls. If an ssh brute force attach is occurring you will see countless failed ssh login attempts. Most likely various usernames will be attempted. [...]

Detecting a Security Breach – Ubuntu and Linux Machine

January 25, 2010 - 12:46 pm

Tags: active processes, attempt, linux machine, login, login attempts, machine, password, root, security breech, ssh access
Posted in access, backup, breech, detect, linux, login, root, security, ubuntu | 3 comments

Detecting a security breech is sometimes as easy as logging into the machine, using ssh, and viewing the last login attempt from a completely unrecognized ip address or domain. Subsequently check your auth.log file, in /var/log, for login attempts. If you see countless failed login attempts you have been the victim of a brute from [...]