23 Jan 2012 |
Posted by Ever Password | 0 Comment.
SSH and root security for webmaster is considered as the most important aspect. This also helps to maintain the security level of the website on a great level. Since the inception of SSH in 1995, it has managed to become the most popular remote login platform or protocol for all the Linux boxes. There are near about two million of SSH users during the end of 2000. Those days are gone when you use to send the data through plaintext and it was transferred through an unsecure network. Now you can say that your data will be transferred in the safest manner.
It can be encrypted as well as protected with a great approach. SSH and root security for webmaster has made these things easier and keeping webmasters safe from unwanted worries. Keep in mind that to use great power, you have to take an enhanced responsibility. If you are using the Linux box which is also accessible through the internet, then it often pays to determine what you are performing. In order to make the SSH and root security more secure, you can follow some tips.
By the default, the SSH listens for the connections on the port 22 and attackers make use of port scanner program to see if hosts are running the SSH service. It is good to change SSH port to the number high than 1024 as most of the port scanners (that includes map) by default do not scan high ports. Also, there are 2 versions of SSH protocol. Making use of SSH protocol 2 is more secure; the SSH protocol 1 is the subject to safety issues which includes man in -middle & insertion attacks. You must not allow the root logins through SSH, as it is the big & unnecessary safety risk. In case, the attacker gains the root login for system, then he will do more of damage than in case, he gains the normal user login. You can configure the SSH server so root user isn’t allowed to log. You can change yes and no and restart this service.
You may then log on with other defined user & switch to the user root in case, you wish to become the super user. It is good to make the dummy local user with the no rights on system as well as use user to log in into SSH. In that way no harm is done in case, user account is been compromised. While making the user, ensure it is in wheel group, so you may switch to super user. In case, you want to have the list of the users who are only ones to log in through SSH, you may specify them in sshd_config file.