Secure SSH By Disabling Password Logins

Make bruteforce attempts almost impossible

I always disable SSH password logins when setting up a new server, allowing authentication via private key only. It’s a good way to secure SSH all-around.

Disabling password logins in Ubuntu is extremely easy.

Open /etc/ssh/sshd_config with nano or vi. You’ll want to change options for 3 different directives, ChallengeResponseAuthentication, PasswordAuthentication, and UsePAM.

Find those directives in /etc/ssh/sshd_config and set them to the following:

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no

Save sshd_config, and reload ssh:

sudo service ssh reload

That’s it, now you won’t be able to SSH to your server and login with a password, and neither will anyone else.

Of course, you’ll want to enable private key authentication, first. If you don’t, you’ll lock yourself out of your server.

DigitalOcean has a good article on how to do this.

Do you allow SSH password logins?

View Results

Loading ... Loading ...

Let’s go a bit farther and only allow specific users to login via SSH. We can do so with by adding a line like the one below to /etc/ssh/sshd_config:

AllowUsers firstuser seconduser thirduser

This will allow only three users to login: firstuser, seconduser, or thirduser. I usually add my AllowUsers directive towards the top of sshd_config.

After modifying /etc/ssh/sshd_config, reload ssh again like so:

sudo service ssh reload

WordPress Multisite Administration

WordPress Multisite Administration is avaialable for pre-order from packtpub.com. I won’t go into the details of the book here, I’ve touched on it previously. Packt will be publishing WordPress Multisite Administration tomorrow (maybe it’s today now), Monday August 26.

A few days ago the folks at Packt sent me over the book cover for approval, there’s a copy of the book cover attached to this post. My daughter Sydney really liked it, and I didn’t see any reason to argue with her.

I’ll have a few books to give away, am not sure if I’ll be doing that on this blog, on Twitter, Google+, or what. Either way I’ll post something about the book giveaway here. I think I’ll have 3 physical books and 1 ebook to giveaway right away after publication.

I really enjoyed working with the technical editors, who gave great advice throughout the editing process. And, as I suspect is normal, the people at Packt were all wonderful to work with. Communication was great and I think I was able to deliver everything on deadline, if not before. Although there may have been a couple times I had to ask for an extra day or two, which they were always willing to happily accommodate. It was laid-back and just generally a fun experience.

In a month or two I should have news on another book. It’ll be another WordPress book most likely, but could possibly be about one of the newer, more design focused CMS offerings, which there are lots of these days.

My new subs

I got some new subs for my car a few days ago. They’re Eclipse 88120Ti. I bought two of em and a new box. The price on the sticker said $899, but the owner guy at Audio Plus said he’d sell them to me for $500. That’s not too bad considering that one of those subs alone retails for $500. Two for the price o’ one.

Anyway, they sound pretty good. Here’s a review:
http://www.canze.org.nz/reviews/index.cfm?product_ID=1116

Strippers

Our office got broken into last weekend. They took Jeremy’s PC which had lots of very sensitive info on it. Luckily they didn’t take the new PC that I just got like two days before. What’s that have to do with strippers? Absolutely nothing.

However, lastnight a bunch of us went to the Lumber Yard in Des Moines for Josh’s birthday. It was a pretty good time. I’m glad I didn’t bring a whole lot of money cuz there’s tons of great looking girls there.