Allowing ssh logins

Support for security such as Firewalls and securing linux
aliebel
Posts: 7
Joined: 2006/02/14 02:08:34

Allowing ssh logins

Postby aliebel » 2009/05/08 00:40:49

I would like to allow ssh logins from outside my router so I can access my server remotely. What security precautions should I take? Specifically I would like to know how to:

Monitor a log file to see all log in attempts.

Add a delay and limit to failed login attempts.

Preclude root from logging in remotely.

Use ssh tunneling to secure Oracle Sqlnet connections.


Thank you.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: Allowing ssh logins

Postby pschaff » 2009/05/08 15:06:30

aliebel wrote:
I would like to allow ssh logins from outside my router so I can access my server remotely. What security precautions should I take?

Can't address all your questions, but one consideration would be to use an alternate port than the standard 20 and/or to only open up the firewall for the selected port from the specific hosts or subnet you will be coming in from.

Specifically I would like to know how to:

Monitor a log file to see all log in attempts.

man logwatch

Add a delay and limit to failed login attempts.

Preclude root from logging in remotely.

# grep -i root /etc/ssh/sshd_config
#PermitRootLogin yes

Uncomment and s/yes/no/

Use ssh tunneling to secure Oracle Sqlnet connections.

Don't know about that one.