From the course: Complete Guide to Linux Security: Protecting Your Linux Server Environment
Unlock this course with a free trial
Join today to access over 24,300 courses taught by industry experts.
Authentication settings - Linux Tutorial
From the course: Complete Guide to Linux Security: Protecting Your Linux Server Environment
Authentication settings
- For this last portion of the lab, we're going to work with authentication settings. The default authentication settings in an SSH server leaves something to be desired, especially if you have confidential or mission critical systems. So we're going to show a couple ways to modify authentication options. So we'll go back to our server now and we'll jump back into our sshd_config file. And the first thing I want to show is lowering the maximum amount of authentication attempts. So when you try to connect via passwords, you will be given multiple attempts to get the password right. We can reduce that amount of attempts within the configuration, but right now we're only connecting via keys. So I'm going to change that, and we're going to turn password authentication back on to yes, and then we're going to look for the MaxAuthTries configuration. And there it is. And we'll uncomment that. And you can see that it says six, six maximum authentication tries. To me, that's too much. Normally…
Contents
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
(Locked)
Learning objectives1m 18s
-
(Locked)
Review of SSH1m 47s
-
(Locked)
Using keys to connect via SSH12m 57s
-
(Locked)
The sshd_config file3m 19s
-
(Locked)
Modifying the default SSH port7m 32s
-
(Locked)
Disabling password-based SSH2m 57s
-
(Locked)
Disabling root login via SSH2m 32s
-
(Locked)
Exclusive SSH groups4m 37s
-
(Locked)
Authentication settings10m 6s
-
(Locked)
Terminating SSH connections, part 17m 45s
-
(Locked)
Terminating SSH connections, part 26m 51s
-
(Locked)
-
-
-
-
-