SSH
Definition
SSH (Secure Shell) is a cryptographic network protocol used for secure data communication, remote command-line login, and other secure network services between two networked computers. It uses a client-server architecture and provides a secure channel over an unsecured network, encrypting the transmitted data to prevent eavesdropping, connection hijacking, and other attacks.
Secure Settings Example
# /etc/ssh/sshd_config
# Disable root login for security
PermitRootLogin no
# Use only SSH protocol version 2 (OpenSSH 7.4 and later support only version 2 and treat this keyword as deprecated)
Protocol 2
# Disable password authentication to enforce key-based authentication
PasswordAuthentication no
# Set a strong key exchange algorithm
KexAlgorithms curve25519-sha256@libssh.org
# Enable public key authentication
PubkeyAuthentication yes
# Limit user access to specific users
AllowUsers user1 user2
Insecure Settings Example
# /etc/ssh/sshd_config
# Allow root login, which is insecure
PermitRootLogin yes
# Allow password authentication, which is less secure than key-based
PasswordAuthentication yes
# Use outdated SSH protocol version 1
Protocol 1
# Allow all users, increasing the attack surface
AllowUsers *
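Added example (not part of the original page): a small Python audit that reads sshd_config text and reports the weak settings listed above. The names effective_settings, audit and SAMPLE are hypothetical; the script assumes current OpenSSH defaults for absent keywords and ignores Match blocks.

```python
# Added example: audit sshd_config text for the weak settings listed on this page.
# Assumed OpenSSH defaults when a keyword is absent (global section only).
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}

def effective_settings(text):
    """Parse the global section. sshd keeps the FIRST value seen for a keyword,
    except AllowUsers, whose patterns accumulate across lines."""
    settings, allow_users = {}, []
    for raw in text.splitlines():
        parts = raw.strip().replace("=", " ", 1).split()
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        key, args = parts[0].lower(), parts[1:]  # keywords are case-insensitive
        if key == "match":  # conditional blocks are out of scope for this example
            break
        if key == "allowusers":
            allow_users.extend(args)
        elif key not in settings:
            settings[key] = " ".join(args).lower()
    for key, default in DEFAULTS.items():
        settings.setdefault(key, default)
    settings["allowusers"] = allow_users
    return settings

def audit(text):
    """Return a list of findings for the weak settings shown above."""
    s, findings = effective_settings(text), []
    if s["permitrootlogin"] == "yes":
        findings.append("PermitRootLogin yes: direct root login allowed")
    if s["passwordauthentication"] == "yes":
        findings.append("PasswordAuthentication yes: password logins allowed")
    if "1" in s.get("protocol", "2").split(","):
        findings.append("Protocol 1: obsolete protocol version requested")
    if "*" in s["allowusers"]:
        findings.append("AllowUsers *: no restriction on which users may log in")
    return findings

# Constructed sample: a duplicate keyword placed after the one sshd actually uses.
SAMPLE = """\
PermitRootLogin yes
PermitRootLogin no
passwordauthentication no
AllowUsers user1
AllowUsers *
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The later "PermitRootLogin no" in the sample does not help, because the first value wins. An empty file is still reported for password authentication, since that is the default.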