Wednesday, July 27, 2011

How To Secure SSH Connection

Securing your SSH connection is very important. I guess that you don't want your password being hacked, right? Here are some tips that can help you have a more secure connection. Here we go!

Step 1. SELinux restrictions for SSH


Step 2. Use TCP Wrappers to limit the hosts that can connect to server:

# echo "sshd: 192.168.1." >> /etc/hosts.allow
# echo "ALL: ALL" >> /etc/hosts.deny

This allows all clients in the 192.168.1.0/24 subnet to connect to the SSH server, and it denies any host outside this subnet. Note that the ALL: ALL rule in /etc/hosts.deny applies to every service that uses TCP Wrappers, not just sshd.

Step 3. Change the options to improve security (/etc/ssh/sshd_config):


With these options changed, sshd no longer listens on the well-known default port, and it accepts connections only on the internal network adapter. Only the two users (root and user01) are allowed to connect to the SSH server.
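A small audit for the three settings described in Step 3, added here as an example and not part of the original post. The function name audit_sshd_config, port 2222 and the address 192.168.1.10 are assumptions chosen for illustration; only the user names root and user01 come from the text above.

```shell
#!/bin/sh
# Added example: audit the global section of an sshd_config for the three
# settings Step 3 describes. Assumes whitespace-separated "Keyword value" lines.
# Prints one finding per line; exit status is 1 if there is any finding.
audit_sshd_config() {
    awk '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        { key = tolower($1) }              # sshd keywords are case-insensitive
        key == "match" { exit }            # Match blocks are conditional; stop here
        key == "port" { ports = ports " " $2 }
        key == "listenaddress" { addrs = addrs " " $2 }
        key == "allowusers" { for (i = 2; i <= NF; i++) users = users " " $i }
        END {
            if (ports == "" || (ports " ") ~ / 22 /) {
                print "Port: sshd listens on the default port 22"; bad = 1
            }
            n = split(addrs, a, " ")
            if (n == 0) {
                print "ListenAddress: not set, sshd listens on every interface"; bad = 1
            }
            for (i = 1; i <= n; i++)
                if (a[i] ~ /^(0\.0\.0\.0(:[0-9]+)?|::|\[::\](:[0-9]+)?)$/) {
                    print "ListenAddress: " a[i] " is a wildcard address"; bad = 1
                }
            if (users == "") {
                print "AllowUsers: not set, any permitted account may log in"; bad = 1
            }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample matching the description above (port and address assumed).
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 2222
ListenAddress 192.168.1.10
AllowUsers root user01
EOF
if audit_sshd_config "$sample"; then echo "sample config: no findings"; fi
rm -f "$sample"
```

On a real server, call audit_sshd_config /etc/ssh/sshd_config, and run sshd -t to check the file's syntax before restarting the daemon.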


Have fun!