The secure shell daemon should be hardened to prevent unauthorised access before being put into a production environment or exposed to the internet.
1. Verify the /etc/ssh/sshd_config file contains the following lines and that they are not commented out:
Protocol 2 IgnoreRhosts yes HostbasedAuthentication no PermitRootLogin no PermitEmptyPasswords no AllowTcpForwarding no (unless needed) X11 Forwarding no (unless needed) AllowUsers <username1> <username2> (Optional) DenyUsers <username1> <username2> (Optional)
Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you like what you have read, please share it on your favourite social media medium.