Go Back   TechArena Community > Technology > Networking & Security
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Reply
 
Thread Tools Search this Thread
  #1  
Old 28-11-2011
Member
 
Join Date: Nov 2011
Posts: 342
Which is the best strategy for SSH Login

I am running a web/file server at my place and I am also running ssh on the same so I am able to login in to the same even when I am not at home and I need to run sftp in order to get some files that I need, even though I am using only password authentication for ssh logins I am w\aware that it is not that secure and there is a need to use public/private keys for the login. I am using the password authentication method for now so that I can login from any computer that I want but then recently I have noticed that there is a lot automated log in attempts through ssh in the auth.log file. So I just wanted to know that is there a way to login in to ssh from any computer and avoid such automated logs? Any suggestion for the same will be appreciated.
Reply With Quote
  #2  
Old 28-11-2011
Member
 
Join Date: Jul 2011
Posts: 354
Re: Which is the best strategy for SSH Login

I think that you should not log in to the ssh from any computer and I am saying so because there is a security risk and if you still do the same then you are really quite insecure at that time anyways as far as the automated log in the auth.log file is concerned than you can just check out the fail2ban and I think that it will definitely help you for the same. Best of luck
Reply With Quote
  #3  
Old 28-11-2011
Member
 
Join Date: Nov 2011
Posts: 199
Re: Which is the best strategy for SSH Login

Quote:
I think that you should not log in to the ssh from any computer and I am saying so because there is a security risk and if you still do the same then you are really quite insecure at that time anyways as far as the automated log in the auth.log file is concerned than you can just check out the fail2ban and I think that it will definitely help you for the same. Best of luck
Edit/Delete Message.
Thanks for that I will definitely check in to the fail2ban but then I just wanted to share that most of the login attempts that I usually make is from my home computer, you can say that 80 percent of the login attempts are made from my home computer and I use the sftp from other computer when there is only a need of some files that I want and I do it very occasionally and then I now I am still quite insecure but then I will be moving to the public/private keys soon.
Reply With Quote
  #4  
Old 28-11-2011
Member
 
Join Date: Jul 2011
Posts: 415
Re: Which is the best strategy for SSH Login

I will like to inform you that if you are login from other computers only to access the file that you need then SSH is not only the way to do so. I mean that you can just install Apache and then just fill it with the file that you are willing to download in your public_html and if you still want to use the SSH using the password authentication then I will suggest you to use PAM module for Google 2-step verification. I will also like to add fail2ban or denyhosts are better choices for securing ssh so I will say that switch to them sooner.
Reply With Quote
  #5  
Old 28-11-2011
Member
 
Join Date: Jul 2011
Posts: 263
Re: Which is the best strategy for SSH Login

The other option that I have is using a valid key on a USB-stick in order to login in to the ssh from different computers. You can also try to just change the port forwarding on the router just for eg if it is 6666 to 21 then you can make it to ssh -p 8888. Hope you got my point.
Reply With Quote
  #6  
Old 29-11-2011
Member
 
Join Date: Mar 2011
Posts: 384
Re: Which is the best strategy for SSH Login

I will suggest you to use public key encrypted with a pass phrase rather than just using the default port other than that also make sure that you do not allow root login as well. I have done the same and trust me I have found dramatic decrease in the amount of dictionary/brute force attacks. Just try to do the same and I think that it will help you as well.
Reply With Quote
Reply

  TechArena Community > Technology > Networking & Security
Tags: , , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "Which is the best strategy for SSH Login"
Thread Thread Starter Forum Replies Last Post
Required information on RIM Mission Statement, Pricing Strategy, & Marketing Strategy Kazmierz Portable Devices 5 06-08-2011 01:32 AM
Login Completely Blocked w/User Profile Service Failed the Login RaeS Vista Help 6 09-02-2011 12:39 AM
IE8 keeps losing my Facebook Login, yahoo login, other form informations Holbrook Windows Software 3 04-02-2011 08:42 AM
Login and password Text boxes disabled during remote login in windows 7 Cassey Networking & Security 4 20-01-2010 09:53 PM
restore ghost image, boots up to login screen but login loop chrisnpg Hardware Peripherals 2 29-01-2008 06:57 AM


All times are GMT +5.5. The time now is 11:29 PM.