Tuesday, July 24, 2007

Securing SSH against brute force attacks

Today I was looking at my /var/log/messages file on my home machine and noticed a bunch of attempts to ssh in with a bunch of different names. This is a brute force attack and they are apparently quite common. I have a router forwarding the ssh port 22 to one of my linux boxes so I can connect from other locations.

When I saw these attacks I asked a friend what I can do to increase the security of my ssh to further protect my network. The following or some of his suggestions and some or my experiences with them.

* First is to specify the list of users you will allow to ssh into the box in the sshd.conf files
I had a little trouble on SLED finding where in the file to do this. On SLED sshd is set to use PAM for authentication. So I need to figure out how to tell PAM that certain users are not allowed to use ssh.

* Next, you can setup some iptables rules so that it only allows a certain number of attempts to ssh into the box per minute, this will decrease the script kiddies ect
I just set the MaxAuthTries 6. Hoping that that will do. If I can't get my password in 6 attemts I will have to try again later. I may regret this if it locks me out forever or something like that.

* You can also configure ssh so it doesn't allow password login but instead using ssh keys
The problem with this one is that some times i want to login from places that I have not logged in from before. I am not really sure I would be able to do that anymore.

* You could think about changing which port your router listens to to forward to the ssh port
ie have the router listen on 6822 and have it forward to 22

* also disable SSH Protocol 1 and just have SSH Protocol 2 listening
This one confused me a little bit because there is a line commented out in the sshd_config file that says Protocol 2,1 But since it is commented out I don't know what the default is. Don't know how to tell either.

posted by BFL at 11:15 AM 0 comments

Wednesday, July 18, 2007

GNOME Custom Hotkey for Application Launch - Custom Keyboard Shortcut

I found GREAT explanation of how to setup custom hotkeys in GNOME at this site. I copied it here so I don't lose it.

GNOME Custom Hotkey for Application Launch - Custom Keyboard Shortcut: "GNOME Custom Hotkey for Application Launch - Custom Keyboard Shortcut

Steps for creating a custom hotkey to launch any application in GNOME:

1. Open 'gconf-editor' as the user as you're logged in in GNOME
2. Go to 'apps' -> 'metacity' -> 'keybinding_commands'
3. Double click on e.g. 'command_1'
4. Type in the name of the application you want to launch, e.g. 'gcalctool', the GNOME calculator
5. Go to 'apps' -> 'metacity' -> 'global_keybindings'
6. Double click on e.g. 'run_command_1'
7. Type in e.g. c
8. Note the <> for the special function keys
9. DONE! Close the gconf-editor and press CTRL-ALT-c and the calculator should come up"

posted by BFL at 1:05 PM 0 comments