Question:
best way to use SSH on a Linux server?
2009-08-18 13:54:11 UTC
I'm new to Linux servers and SSH. Currently I have a basic Ubuntu (server edition) setup running SSH. I have not setup DSA keys or anything. Just a standard configuration.

Is it safe to open the SSH port on my router so that I can access my linux server from other locations using SSH?

What steps should I take before allowing access to my server via SSH over the internet?
Three answers:
2009-08-18 14:21:05 UTC
The references below should answer your questions and give you a good starting point to work from. I could list them all here, but reading them yourself makes you a better system administrator.



Don't skip any steps, and make sure you monitor your server logs for attack indications.



I hope this helps...
Adrian
2009-08-18 14:11:55 UTC
never open regular SSH on a router. I had mine open for a short while, and after seeing literally thousands of attempts of admin passwords from hundreds of sites, I closed the SSH port quickly.



What I did was get a cheap router that did Port Address Translation (PAT), and opened a high port, like 33222 and PAT'd it to the SSH port of 22 internally. That stopped all the hackers probing for the SSH port. Yet, I can run WinSCP to my external port (ie 33222 on Internet) and have it connect to the internal Linux server on port 22.



The other option is to set the SSH service in Ubuntu to use a different port number (like 9922 or whatever you want), then just open that on the router. I've heard it can be done for SSH, but I can't tell you how (since I used PAT anyway).

Using PAT, the advantage is that internal LAN access can still be on regular SSH port, just the external Internet needs to know the proper port to try...
Linux Mint 11
2009-08-18 14:08:39 UTC
The Perfect Server - Ubuntu Hardy Heron (Ubuntu 8.04 LTS Server)

http://www.howtoforge.com/perfect-server-ubuntu8.04-lts



The Perfect Server - Ubuntu Jaunty Jackalope (Ubuntu 9.04) [ISPConfig 2]

http://www.howtoforge.com/perfect-server-ubuntu-9.04-ispconfig-2





LUg.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...