Top 20 OpenSSH Server Best Security Practices

[ Thanks to An Anonymous Reader for
this link. ]

“#4: Configure Idle Log Out Timeout Interval

“Users can log in to the server via ssh, and you can set an idle
timeout interval to avoid unattended ssh sessions. Open sshd_config
and make sure the following values are configured:

ClientAliveInterval 300
ClientAliveCountMax 0

You are setting an idle timeout interval in seconds (300 secs =
5 minutes). After this interval has passed, the idle user will be
automatically kicked out (read as logged out). See how to
automatically log BASH / TCSH / SSH users out after a period of
inactivity for more details.

“#5: Disable .rhosts Files

“Don’t read the user’s ~/.rhosts and ~/.shosts files. Update
sshd_config with the following settings:”


Complete Story
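
An added example, not code from the linked article: a small audit of the two settings quoted above, showing how sshd resolves them (the first value read for a keyword wins, and `Match` blocks are scoped overrides) and flagging that OpenSSH 8.2 and later treat `ClientAliveCountMax 0` as "never disconnect". Assumptions: the sample config is constructed, intervals are plain seconds, and `IgnoreRhosts` is the standard sshd_config keyword for the behaviour described in #5 (the article's own settings are not shown on this page).

```python
import re

# Constructed sample: the quoted values, a later duplicate, and a Match block.
SAMPLE = """\
# constructed sshd_config fragment
ClientAliveInterval 300
ClientAliveCountMax 0
clientaliveinterval 600
Match User backup
    ClientAliveInterval 0
"""

def global_settings(text):
    """Map each global keyword (lowercased) to the first value sshd would read."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":              # scoped overrides begin; globals end here
            break
        seen.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return seen

def audit(text):
    """Return (interval, count_max, findings) for the global section."""
    cfg = global_settings(text)
    interval = int(cfg.get("clientaliveinterval", "0"))  # sshd default: 0
    count = int(cfg.get("clientalivecountmax", "3"))     # sshd default: 3
    findings = []
    if interval == 0:
        findings.append("ClientAliveInterval 0: no liveness probes are sent")
    elif count == 0:
        findings.append("ClientAliveCountMax 0: OpenSSH 8.2+ never disconnects; "
                        "older releases drop the session after one interval")
    if cfg.get("ignorerhosts", "yes").lower() == "no":   # sshd default: yes
        findings.append("IgnoreRhosts no: ~/.rhosts and ~/.shosts are honoured")
    return interval, count, findings

if __name__ == "__main__":
    interval, count, findings = audit(SAMPLE)
    print(f"interval={interval}s count_max={count}")
    for f in findings:
        print("WARN:", f)
```

On a live host, `sshd -T` prints the effective configuration and is the more reliable input for a check like this.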