Comments on: securing SSH under CentOS 5

By: Quinn Harbison

Quinn Harbison — Sat, 07 Jan 2012 19:39:31 +0000

I’d enjoy seeing an article of the top 10 VPS suppliers to get actual peoples thoughts of their products and services.

By: freelance coder

freelance coder — Wed, 09 Jun 2010 05:01:23 +0000

Excellent. I haven’t had the same experience here in Newfoundland, but I suppose that isn’t very suprising.

By: Dougal

Dougal — Thu, 06 May 2010 10:05:57 +0000

Lovely tutorial.

Obviously I’m a latecomer, but I can confirm that now on CentOS 5 installing denyhosts from http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm DOES do the whole job for you and there’s no need to move and rename the config files.

It leaves the config file at /etc/denyhosts/denyhosts.cfg and the service control script at /etc/init.d/denyhosts

The default “working directory” is, however, in /usr/share/denyhosts – but this will be created automatically.

Thank you.

By: BlueNile

BlueNile — Mon, 17 Aug 2009 16:54:52 +0000

You can write specific firewall rules to filter ssh scanner. Also you van limit ssh access from selected IP addresses.
Reference:
http://sianzsolutions.info/linux-security/securing-ssh-server

By: jamon

jamon — Wed, 30 Apr 2008 17:05:51 +0000

To make scp/sftp connections to a server with ssh not running on port 22 easier, create a ~/.ssh/config file. Typically host, user, and port are sufficient. Here’s an example:

Host foo
Hostname foo.bar.com
User baz
Port 2022
Compression yes

You can use an IP in place of the hostname. Then you can run something like “scp file.tar.gz baz@foo:” instead of “scp -P 2022 file.tar.gz baz@foo.bar.com:” Note that compression is optional and sometimes makes things slower depending on the client and server.