SSH Security
on
As we know, the security of a server is quite essential as long as it is active. In most cases, a mistake happens during the initial server set up will lead to a disaster at later period of time. In this post I am trying to prepare a check list for the initial server hardening of a cPanel server. Preparing a check list and follow it will ensure the implementation of necessary security settings. SSH Security SSH Warning Message Enable the default Banner path by modifying the sshd configuration file /etc/ssh/sshd_config . For that open the SSHD configuration file in your favourite editor and then search for the directive “Banner”. By default it will be disabled in most installations, so the entry would look like #Banner /etc/issue.net Now remove the comment tag and specify the banner file, by the common practice is to use /etc/issue , however you can use your own file. Now the entry would look like Banner /etc/issue Check whether the file exists. If so edit it with the warning message. Otherwise create or open the file /etc/issue add the warning message. I use the following one. You can use your own content to make the warning ############################################################### Authorized access only! # Disconnect IMMEDIATELY if you are not an authorized user!!! # # All actions Will be monitored and recorded # # Unauthorized access is forbidden and will be prosecuted by law # ############################################################### Once the file is saved, we need to restart the service. Use the following command to restart SSHD /etc/init.d/sshd restart Once it is restarted, ensure that the message pops up for all SSH access.
