1. �?i port SSH
M?c �?nh SSH Server s? s? d?ng c?ng 22 �? ti?p nh?n k?t n?i, v� ��y c?ng l� c?ng m� c�c scanner lu�n nh?m v�o �? t?n c�ng brute force. Do v?y, �?ng n�n s? d?ng c?ng 22 m?c �?nh m� h?y �?i sang m?t c?ng kh�c, ch?ng h?n nh� 1109. C?ng l�u ? r?ng, s? c?ng ph?i nh? h�n ho?c b?ng 4 ch? s? v� kh�ng n�n xung �?t v?i c�c c?ng kh�c �? ��?c s? d?ng b?i ph?n m?m kh�c.
�? �?i c?ng SSH m? file /etc/ssh/sshd_config t?m:
#Port 22X�a d?u # �i v� s?a th�nh
Port [port b?n mu?n s? d?ng]v� d?:
Port 0209
2. Kh�ng ��ng nh?p b?ng user root
User root lu�n r?t nh?y c?m n�n n?u c� th?, b?n h?y s? d?ng m?t user kh�c �? ��ng nh?p v� sau �� s? d?ng l?nh su �? �?i sang user root.
L�u ?: H?y �?t m?t kh?u cho user root tr�?c. Y�n t�m l� d� b?n c� s? d?ng SSH Key v� kh�ng cho ph�p login b?ng m?t kh?u nh�ng khi chuy?n user th? v?n d�ng b?nh th�?ng.
�?u ti�n l� t?o m?t user b?t k?
useradd abcxyzV� thi?t l?p m?t kh?u cho user n�y:
passwd 123456Thay abcxyz v� 123456 th�nh user v� pass c?a b?n
- M? file /etc/ssh/sshd_config r?i t?m:
#PermitRootLogin yesS?a th�nh
PermitRootLogin noCu?i c�ng l� ch�n th�m �o?n sau v�o cu?i file �? ch? cho ph�p user thachpham ��?c ph�p ��ng nh?p v�o SSH:
AllowUsers abcxyz3. S?a d?ng SSH key
C?c b?n xem t?i ��y: http://quylevhb.blogspot.com/2014/12/tao-key-file-xac-thuc-login-ssh.html
4. Ch? cho ph�p ��ng nh?p SSH t? m?t IP c? �?nh
N?u b?n s? d?ng IP �?ng th? �?ng n�n th? c�ch n�y, c?n n?u b?n c� 1 IP t?nh th? n� r?t t?t �? ch?ng l?i c�c ��ng nh?p b?t h?p ph�p. Ch? c?n ch�n �o?n sau v�o:
ListenAddress 127.0.0.1Thay 127.0.0.1 b?ng IP c?a b?n
S�u t?m t? internet
M?t s? bi?n ph�p b?o m?t SSH
4/
5
Oleh
Unknown
