Re: ssh dictionary attacks

From: Sheldon T. Hall - DO NOT MAIL <aquaman@xxxxxxxxxxxxxxxxx>
Date: Fri, 18 Aug 2006 19:31:20 -0700

On Fri, 18 Aug 2006 16:04:37 GMT, Chuck
<skilover_nospam@xxxxxxxxxxxxxx> wrote:

Sheldon T. Hall - DO NOT MAIL wrote:

The easiest way to secure your server's SSH port is to just firewall
it completely from the 'net, and have a portknocking arrangement that
selectively opens the SSH port to the IP address that correctly
knocked on the secret port.

Of course, you'd still want all the usual SSH security stuff, too:
restrict the access list to particular users, disallow direct root
logins, require keys, etc.

How do you get the ssh client to "knock first before entering"?

I just use telnet to do the knocking, before firing up the SSH client.

If I were setting this up for other folks, or had to do it from
different places a lot, I'd have a batch/shell program that telnets to
the knocking ports on the server, waits a bit, then starts the SSH
client.

-Shel

.

References:
- Re: ssh dictionary attacks
  - From: Sheldon T . Hall - DO NOT MAIL
- Re: ssh dictionary attacks
  - From: Chuck

Prev by Date: Re: McAfee and CygWin SSH
Next by Date: ssh is hard to use
Previous by thread: Re: ssh dictionary attacks
Next by thread: ssh is hard to use
Index(es):
- Date
- Thread

Relevant Pages

Re: Questions on some wierd /var/log entries
... would like some input on what these entries are on about (yes, ... So port knocking is out as is moving my SSH port to ... I don't know the specifics about adding firewall rules using Suse's ...
(comp.os.linux.misc)
telnet to ssh (port 22)
... I'm trying to test a new network configuration, and exposing my ssh port ... He can telnet to my smtp port just fine, ... I think this is the right thing for ssh to do when contacted by telnet. ...
(comp.os.linux.security)
Re: Whats with the sudden influx of spam?
... Set up a machine at your house as an SSH ... Once you authenticate to your home computer via SSH you'll be ... the SSH port is open on your router. ... just as if you were sitting in front of it, but you'd be sitting in at ...
(rec.audio.pro)
Re: How to use fuser?
... But, for a network connection, I have some problem too. ... #netstat //I found the ssh port ... #fuser -n tcp -4 port ...
(comp.unix.shell)
TIPS FOR THE NEWCOMER
... Correct me if I am wrong, it appears that ssh and gnupg has similar ... Do I have to send my public key to ... the other machine (ssh client) and likewise do the same thing get a copy ... Is the passphrase function here same as in gnupg that if you have ...
(SSH)