Brilliant, thank you.
Some of those I'd already enabled, but AllowUser and rate limiting the
connection were easy ones that I'd missed.
Fail2ban (& similar), port knocking and log analyzing look like
interesting ones to implement so I'll go and investigate those.
I'm also wondering if I could somehow use port knocking to cause my
firewall to wake-on-lan my desktop, that I could then ssh into...
Thank you
Leo
On 15/06/13 16:40, Peter B. wrote:
> This might help
>
> http://www.cyberciti.biz/tips/linux-unix-bsd-openssh-server-best-practices.html
> On 15 Jun 2013 16:34, "Leo" <linux@???> wrote:
>
>> I've been using ssh (via public keys) to connect to various bits of kit on
>> my network for a while now. I'd now like to be able to ssh in from outside
>> the network. As I understand it this is just a matter of setting up some
>> port forwarding through the router and firewall.
>>
>> Other than changing the default port can anyone recommend anything else I
>> should be doing to increase network security?
>>
>> Thanks
>> Leo
>>
>> --
>> Please post to: Hampshire@???
>> Web Interface: https://mailman.lug.org.uk/**mailman/listinfo/hampshire<https://mailman.lug.org.uk/mailman/listinfo/hampshire>
>> LUG URL: http://www.hantslug.org.uk
>> ------------------------------**------------------------------**--
>>
>
>
>
--
Please post to: Hampshire@???
Web Interface:
https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL:
http://www.hantslug.org.uk
--------------------------------------------------------------
