Page 1 of 1

Allowing ssh logins

Posted: 2009/05/08 00:40:49
by aliebel
I would like to allow ssh logins from outside my router so I can access my server remotely. What security precautions should I take? Specifically I would like to know how to:

Monitor a log file to see all log in attempts.

Add a delay and limit to failed login attempts.

Preclude root from logging in remotely.

Use ssh tunneling to secure Oracle Sqlnet connections.


Thank you.

Re: Allowing ssh logins

Posted: 2009/05/08 15:06:30
by pschaff
[quote]
aliebel wrote:
I would like to allow ssh logins from outside my router so I can access my server remotely. What security precautions should I take?
[/quote]
Can't address all your questions, but one consideration would be to use an alternate port than the standard 20 and/or to only open up the firewall for the selected port from the specific hosts or subnet you will be coming in from.

[quote]
Specifically I would like to know how to:

Monitor a log file to see all log in attempts.
[/quote]
man logwatch

[quote]
Add a delay and limit to failed login attempts.

Preclude root from logging in remotely.
[/quote]
# grep -i root /etc/ssh/sshd_config
#PermitRootLogin yes

Uncomment and s/yes/no/

[quote]
Use ssh tunneling to secure Oracle Sqlnet connections.
[/quote]
Don't know about that one.