falko | Shared With: Everyone - Mar 30 2008 | ssh, public-key authentication, debian, openssh, etch, debian etch
This guide explains how to set up an SSH server on Debian Etch with public-key authorization (and optionally with disabled password logins). SSH is a great tool to control Linux-based computers remotely. It is safe and secure.
- falko | Shared With: Everyone - Jan 16 2008 | ssh, openssh, security
Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place. All of the examples below assume that you are using EnGarde Secure Linux but any modern Linux distribution will do just fine since, as far as I know, everybody ships OpenSSH.
- falko | Shared With: Everyone - Oct 24 2007 | chroot, fedora, jail, linux, openssh, security, server, sftp, ssh
This document describes how to set up a chrooted SSH/SFTP environment on Fedora 7. The chrooted users will be jailed in a specific directory where they cannot break out. They will be able to access their jail via SSH and SFTP.
ShareViewed: 34 Times - falko | Shared With: Everyone - Sep 30 2007 | blockhosts, brute force, ssh, denyhosts, fail2ban, debian, etch, debian etch, linux, server, security
In this article I will show how to install and configure BlockHosts on a Debian Etch system. BlockHosts is a Python tool that observes login attempts to various services, e.g. SSH, FTP, etc., and if it finds failed login attempts again and again from the same IP address or host, it stops further login attempts from that IP address/host. By default, BlockHosts supports services that use TCP_WRAPPERS, such as SSH, i.e. services, that use /etc/hosts.allow or /etc/hosts.deny, but it can also block other services using iproute or iptables.
ShareViewed: 3 Times - falko | Shared With: Everyone - Sep 09 2007 | ssh, sftp, chroot, jail, security, debian, etch, debian etch, linux, server, openssh
This tutorial describes two ways how to give users chrooted SSH access. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. The users will also be able to use SFTP in their chroot jails.
ShareViewed: 34 Times - falko | Shared With: Everyone - May 01 2007 | fail2ban, brute force, brute-force, attack, security, linux, ssh, ftp, smtp, apache, block, iptables, login
In this article I will show how to install and configure fail2ban on a Debian Etch system. Fail2ban is a tool that observes login attempts to various services, e.g. SSH, FTP, SMTP, Apache, etc., and if it finds failed login attempts again and again from the same IP address or host, fail2ban stops further login attempts from that IP address/host by blocking it with an iptables firewall rule.
Send falko a friend request or a personal message instead.