Disabling SSH
Hi, is it a good idea for security reasons to disable SSH on a RHEL system at home? Thanks!
Responses
Hi GD,
I don't see a reason why one would want to disable ssh, because without knowing your password it would be kinda "hard stuff" for someone to break into your system ... but if you are one of those "super paranoid" persons - then you can disable it of course ... :)
Especially for a home system it is more than unlikely that something happens, well, for enterprises this might be a different thing.
Regards,
Christian
Hi,
As a safeguard, you can introduce two additional features on your home server if it is connected to ANY network:
a) Port knocking for SSH. Example:
https://netslovers.com/2018/02/28/port-knocking-server-securing-ssh-connection-centos-7/
b) Multi Factor Authentication. In its simplest form, do Two-Factor Authentication (2FA). For example,
Google Authentication for 2FA - software token that implements two-step verification services using the Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password Algorithm (HOTP), for authenticating users. The service implements algorithms specified in RFC 6238 and RFC 4226, respectively.
Open Authentication (OATH) for 2FA. It is an industry-wide collaboration to develop an open reference architecture using open standards to promote the adoption of strong authentication. I used soft tokens via FreeOATH (at home) and Symantec Authenticator.
RSA Authentication Agent (commercial).
And many other options...
Regards,
Dusan Baljevic (amateur radio VK2COT)
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
