Re: need an efficient and secure sshd_config



ClientAliveInterval <time interval in seconds>
ClientAliveCountMax 0

That should do for the time settings :)

Remo


On 7/14/09 9:55 AM, "J. Bakshi" <bakshi12@xxxxxxxxx> wrote:

On Mon, 13 Jul 2009 10:00:52 +0200
matteo filippetto <matteo.filippetto@xxxxxxxxx> wrote:

2009/7/12 J. Bakshi <bakshi12@xxxxxxxxx>:
Dear list,

I am running openssh-server __1:5.1p1-5+b1 on a remote debian box.
There are a no. of online docs on sshd configuration. I am afraid to
say that even reading a no. of such tutorial I am still confused. I
am looking for a sshd_config file which is both strict about
security as well as efficient to control its client. Like it should
force the client to have compression, it should survive with poor
internet, and other good features which can make it a good ssh
server.

Could any one please suggest such sshd_config ?

Here is mine

```````````````
Port 47015
Protocol 2
PermitRootLogin no
PasswordAuthentication no
UsePAM yes
X11Forwarding no
``````````

thanks


Hi,

maybe you can read this discussion

http://www.governmentsecurity.org/forum/index.php?showtopic=6051

and for sure take a lokk to the official documentation

http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5

Bye


Thanks for your response but I have not found yet what I'm looking for. I need
the configuration which actually suppress the hostname and the domain/IP on
client side. client will only be prompted for password. The second thing the
sshd should allow the client to be connected even half an hour with out
executing any command. Any such configuration in openssh ?

Thanks

!DSPAM:4a5cb7a6195119363919659!




Relevant Pages

  • Re: Client End Firewalls
    ... it doesn't matter if the email client can't be tricked when the ... control such things on a Windows 98 box. ... > than getting the client firewall properly configured. ... > additional costs for configuration and configuration-changes? ...
    (Security-Basics)
  • Re: Overwhelmed by choices of Design Patterns
    ... For this app, the configuration looked something ... --- the client of the configurator most query the data out of the ... similarity from the adapter interface and the adaptee interface .. ... suddenly looks a lot like Strategy Pattern? ...
    (comp.object)
  • Re: SBS Laptop Security Paradigm??
    ... use the wizard... ... Client Configuration ... To connect client computers to the network, ... Client Networking Configuration ...
    (microsoft.public.windows.server.sbs)
  • Re: what utility is MS using to migrate local computer profiles to SBS 2003 domain accounts?
    ... Client Configuration ... To connect client computers to the network, ... Client Networking Configuration ... client computer, open Internet Explorer, and type http:// ServerName ...
    (microsoft.public.backoffice.smallbiz)
  • RE: Install.INS - Proxy Enabled
    ... The Install.ins file contains the configuration settings for Internet ... Explorer on the client. ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)