Top 20 OpenSSH Server Best Security Practices

[ Thanks to An Anonymous Reader for this link. ]

"#4: Configure Idle Log Out Timeout Interval User can login to server via ssh and you can set an idel timeout interval to avoid unattended ssh session. Open sshd_config and make sure following values are configured:

ClientAliveInterval 300
ClientAliveCountMax 0

You are setting an idle timeout interval in seconds (300 secs = 5 minutes). After this interval has passed, the idle user will be automatically kicked out (read as logged out). See how to automatically log BASH / TCSH / SSH users out after a period of inactivity for more details.

"#5: Disable .rhosts Files

"Don't read the user's ~/.rhosts and ~/.shosts files. Update sshd_config with the following settings:"

Complete Story

Related Stories:

• A Linux security story(Jul 17, 2009)
• Anonymous SSH Sessions With TOR(Jul 16, 2009)
• OpenSSH update (Zero-day exploit?)(Jul 08, 2009)
• Creating Secure Tunnels With ssh(Jun 18, 2009)
• SSH From Your Mobile Device(Jun 10, 2009)
• SSH Tunnels: Using a service from a nated (twice) box(Jun 08, 2009)
• SSHerminator - Nice split screen terminal emulator and SSH client(Feb 19, 2009)
• More Fun With SSH(Feb 19, 2009)