How to prevent SSH from cracking by Linux 02/05 Update SLTechnology News&Howtos

How to prevent SSH from cracking by Linux

2025-02-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >

Shulou(Shulou.com)06/01 Report--

This article will explain in detail how Linux prevents SSH from being violently cracked. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

SSH brute force cracking means that attackers try to log in to the server through password dictionaries or random combination of passwords (for machines in the whole network). This kind of attack generally does not have a clear target, and most of them scan the entire broadcast domain or network segment directly through scanning software.

1. Disable root login

Modify the sshd server-side configuration file / etc/ssh/sshd_config

[root@vps ~] $vi / etc/ssh/sshd_config- configuration is as follows-PermitRootLogin no restart [root@vps ~] $service sshd restart2, modify SSH default port

Modify the default port number of SSH. The configuration file on sshd server is / etc/ssh_config.

[root@vps ~] $vi / etc/ssh/sshd_config- configuration is as follows-Port 2280 restart SSH [root@vps ~] $systemctl restart sshd check status [root@vps ~] $systemctl status sshd to see if the port has changed [root@vps ~] $netstat-ntlp | grep 2280tcp 00 0.0.0.0 etc/ssh/sshd_config- 2280 0.0.0 .0: * LISTEN 8793/sshd tcp6 0 0: 2280:: * LISTEN 8793/sshd3, Limit the number of ip failures in the secure file

When the same IP address is tried more than 5 times, then join / etc/hosts.deny

#! / bin/bash# extracts all IP into black.list file cat / var/log/secure | awk'/ Failed/ {print $(NF-3)}'| sort | uniq-c | awk'{print $2 "=" $1;}'> / usr/local/bin/black.list# setting times define= "5" for i in `cat / usr/local/bin/ black.list`do IP= `echo $I | awk-F ='{print $1} '`NUM= `echo $I | awk-F =' {print $2} '`if [$NUM-gt $define] Then grep $IP / etc/hosts.deny > / dev/null if [$?-gt 0]; then echo "sshd:$IP:deny" > > / etc/hosts.deny fi fidone

Add scheduled tasks.

[root@vps] $crontab-e# check every 3 minutes * / 3 * sh / usr/local/bin/secure_ssh.sh restart crontab [root@vps ~] $systemctl restart crond this article on "how to prevent SSH brute force cracking" is shared here. I hope the above content can be helpful to you, so that you can learn more knowledge, if you think the article is good. Please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.