Created
October 11, 2018 21:53
-
-
Save ersin-demirtas/150e79c17615d73b5e876364ce448e6a to your computer and use it in GitHub Desktop.
Secure SSH - 2018 October - SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SSH to your server | |
| # Change directory to /etc/ssh | |
| cd /etc/ssh/ | |
| # Create a /etc/ssh back folder | |
| mkdir -p ~/backup/etc/ssh/ | |
| # Move the unsecure host keys backup folder | |
| mv ssh_host_{ecdsa,dsa,rsa}* ~/backup/etc/ssh/ | |
| # Update ssh configration to remove unscure MACs and Ciphers | |
| vi /etc/ssh/ssh_config | |
| # in /etc/ssh/ssh_config file comment out the current configuration for Ciphers and MACs and add | |
| -- /etc/ssh/ssh_config -- | |
| #Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc | |
| Ciphers aes128-ctr,aes192-ctr,aes256-ctr | |
| #MACs hmac-md5,hmac-sha1,umac-64@openssh.com | |
| MACs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512 | |
| ------------------------- | |
| # and apply same changes to /etc/ssh/sshd_config |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment