Re: need an efficient and secure sshd_config



ClientAliveInterval <time interval in seconds>
ClientAliveCountMax 0

That should do for the time settings :)

Remo


On 7/14/09 9:55 AM, "J. Bakshi" <bakshi12@xxxxxxxxx> wrote:

On Mon, 13 Jul 2009 10:00:52 +0200
matteo filippetto <matteo.filippetto@xxxxxxxxx> wrote:

2009/7/12 J. Bakshi <bakshi12@xxxxxxxxx>:
Dear list,

I am running openssh-server __1:5.1p1-5+b1 on a remote debian box.
There are a no. of online docs on sshd configuration. I am afraid to
say that even reading a no. of such tutorial I am still confused. I
am looking for a sshd_config file which is both strict about
security as well as efficient to control its client. Like it should
force the client to have compression, it should survive with poor
internet, and other good features which can make it a good ssh
server.

Could any one please suggest such sshd_config ?

Here is mine

```````````````
Port 47015
Protocol 2
PermitRootLogin no
PasswordAuthentication no
UsePAM yes
X11Forwarding no
``````````

thanks


Hi,

maybe you can read this discussion

http://www.governmentsecurity.org/forum/index.php?showtopic=6051

and for sure take a lokk to the official documentation

http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5

Bye


Thanks for your response but I have not found yet what I'm looking for. I need
the configuration which actually suppress the hostname and the domain/IP on
client side. client will only be prompted for password. The second thing the
sshd should allow the client to be connected even half an hour with out
executing any command. Any such configuration in openssh ?

Thanks

!DSPAM:4a5cb7a6195119363919659!