SSHd Hardening Guide


Just thought I would share a really easy-to-read SSHd hardening guide linked to by:

Which is at; Secure Secure Shell

That is from 2015, but the only difference today from that I believe is the addition of some more ciphers and kex authorize thingies, which can be added on. BUT that guide is well written a good starting point for sure.

If you chat with reasonably technical people - of course every1 has an SSH client lols, so if you have a group of frenz in a tech circle, SSHd as an onion service is always an option, if not just encrypted P2P over Tor

SSH is kinda neat because it allows you to update/change your ciphers and such

This is also a great resource: GitHub - jtesta/ssh-audit: SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc) , it’s a script than you can check your own sshd server.

Also, this script is related with the SSH Hardening Guides web.

oh nice, yeah i found ssh-audit in my linux distro’s repo - it seems well-used. i could just keep ssh-audit updated and not worry about reading deprecation notices :smiley: either way it’s definitely a nice second-check to make sure everything is fine :slight_smile:

1 Like