Configure and Secure SSH

Question 1

What are the steps to set an idle timeout interval?

Answer 1

1. Become Root
2. Edit your /etc/ssh/sshd_config file and add the following line
3. ClientAliveInterval 600
   ClientAliveCountMax 0
4. systemctl restart sshd

Logged out when reaching 600 seconds (10 minutes)

Question 2

What are the steps to disable root login (for ssh)?

Answer 2

1. Become Root
2. Edit your /etc/ssh/sshd_config file and replace PermitRootLogin yes to no
3. PermitRootLogin no
4. systemctl restart sshd

Question 3

What are the steps to disable empty passwords for ssh?

Answer 3

1. Become Root
2. Edit your /etc/ssh/sshd_config file and remove the # from the following line
3. PermitEmptyPasswords no
4. systemctl restart sshd

Question 4

What are the steps for limiting users and groups SSH access?

Answer 4

1. Become Root
2. Edit your /etc/ssh/sshd_confif file and add the following lines
3. AllowUsers user1 user2
   AllowGroups group1 group2
4. systemctl restart sshd

Question 5

What are the steps for changing the SSH port?

Answer 5

1. Become Root
2. Edit your /etc/ssh/sshd_config file and remove the # and change port on the following line
3. Port 22
4. systemctl restart sshd

Question 6

What are the steps to setup SSH keys?

Answer 6

1. Generate the key
   ssh-keygen
2. Copy the key to the server
   ssh-copy-id root@192.168.1.x
3. Login from client to server
   ssh root@192.168.1.x
   ssh -l root 192.168.1.x