SSH short for Secure SHell is cryptographic network protocol. It is widely used in UNIX/Linux(but not limited to) world to allow clients to securely connect to a server. It is replacing older and insecure protocols like rsh and telnet. In addition to security it add tunneling for other protocols.
And since it is widely used it is often exploited to get unauthorized access to the system.
Enough general information. Back to the topic.
There are few simple rules on how to protect:
- If you do not need it do not enable it
- Restrict access
- Change listening port
- Use version 2 (if possible)
- Disallow root access
- Use strong passwords
- Block access
- Use key authentication
- Use “One time passwords”
- Show Warning message
Your comments are welcome.