cybiohub/cfg_sshd_config

Cybionet - Ugly Codes Division

SUMMARY

Here is an sshd_config configuration file for the SSHD service, annotated according to Cybionet standards.

FEATURES

  • Complies with STIG recommendations
  • Complies with Cisofy recommendations
  • Complies with RHEL CCE recommendations
  • Verification done with ssh-audit for
    • Key exchange algorithms
    • Host-key algorithms
    • Encryption algorithms
    • Message authentication code algorithms
  • And a lot of useful comments in the configuration.
  • Uses a restricted group to allow the user to login via SSH.

RESTRICTED GROUP

  1. Create the restricted group.

     sudo groupadd restricted

  2. Then add your user to this group.

     sudo usermod -a -G restricted yourusername

  3. Add a sudoers file to allow the restricted group to use the sudo command.

     sudo vim /etc/sudoers.d/restricted

     Put this line in the file:

     # Allow all users in the restricted group to use sudo for all commands.
     %restricted ALL=(ALL) ALL

  4. TEST!! Don't disconnect your SSH session, and try to establish a new SSH connection to see if everything works fine.
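
Before the test in step 4, a pre-flight check can tell you whether a user's groups will pass the group restriction. The script below is an added example, not part of this repository; it assumes the restriction is expressed in sshd_config as `AllowGroups restricted` (the directive is not quoted on this page), and the function names and sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example: pre-flight check for the restricted-group setup.
# Assumptions: only the global section (before the first Match block) is read;
# Include files and negated (!) patterns are not handled.

# allowed_groups FILE: print each group pattern from the global AllowGroups lines.
# sshd keywords are case-insensitive, and repeated AllowGroups lines accumulate.
allowed_groups() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "allowgroups" { for (i = 2; i <= NF; i++) print $i }' "$1"
}

# can_login FILE GROUP...: return 0 if any listed group matches an AllowGroups
# pattern (* and ? wildcards), or if the file sets no AllowGroups at all.
can_login() {
    cfg=$1; shift
    patterns=$(allowed_groups "$cfg")
    if [ -z "$patterns" ]; then return 0; fi
    for g in "$@"; do
        while read -r p; do
            case $g in $p) return 0 ;; esac
        done <<EOF
$patterns
EOF
    done
    return 1
}

# Constructed sample config (not the repository's sshd_config).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# AllowGroups wheel
PermitRootLogin no
allowgroups restricted
Match Address 10.0.0.0/8
    AllowGroups admins
EOF

for memberships in "alice restricted" "users sudo" "admins"; do
    if can_login "$sample" $memberships; then
        echo "$memberships: allowed"
    else
        echo "$memberships: would be locked out"
    fi
done
# On a real host: can_login /etc/ssh/sshd_config $(id -Gn yourusername)
```

This only predicts the group check; `sudo sshd -t` validates the configuration syntax, and `sudo visudo -cf /etc/sudoers.d/restricted` validates the sudoers file from step 3.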

RECOMMENDATION

Use Google-Authenticator or an SSH key with the SSH service to improve its security.