From the course: Complete Guide to Linux Security: Protecting Your Linux Server Environment

Unlock this course with a free trial

Join today to access over 24,300 courses taught by industry experts.

Authentication settings

Authentication settings

- For this last portion of the lab, we're going to work with authentication settings. The default authentication settings in an SSH server leaves something to be desired, especially if you have confidential or mission critical systems. So we're going to show a couple ways to modify authentication options. So we'll go back to our server now and we'll jump back into our sshd_config file. And the first thing I want to show is lowering the maximum amount of authentication attempts. So when you try to connect via passwords, you will be given multiple attempts to get the password right. We can reduce that amount of attempts within the configuration, but right now we're only connecting via keys. So I'm going to change that, and we're going to turn password authentication back on to yes, and then we're going to look for the MaxAuthTries configuration. And there it is. And we'll uncomment that. And you can see that it says six, six maximum authentication tries. To me, that's too much. Normally…

Contents