SSH Audit

Ideally you should whitelist your SSH Servers to your IPs or don’t even expose the service to the Internet and use a VPN to login. In some cases this is not an option and/or you may need to create a Bastion Host / Jump Box server with SSH exposed.

If this is the case you should do or at least consider these options:

  • Change the SSH port (May reduce the noise, but not the security)
  • Only use Key Based Authentication i.e. disable password and use keys only
  • Prevent root user from logging in via SSH
  • Limit user access via SSH

Once the above has been completed, use SSH Audit to check that everything from an SSH configuration is setup correctly and passes the security checks. SSH Audit is a free online tool allows you to audit the configuration of an SSH server.

Reference:
https://www.sshaudit.com

Bookmark the permalink.