Author: Ryan M.
Original Website: linuxsecurity.com
Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place.
All of the examples below assume that you are using EnGarde Secure Linux but any modern Linux distribution will do just fine since, as far as I know, everybody ships OpenSSH.
SSHv2 vs. SSHv1
There are numerous benefits to using the latest version of the SSH protocol, version 2, over it’s older counterpart, version 1 and I’m not going into a lot of details on those benefits here – if you’re interested, see the URL in the reference below or Google around. That being said if you don’t have an explicit reason to use the older version 1, you should always be using version 2.