Open main menu

CDOT Wiki β

Changes

OPS235 Lab 7 - CentOS7

1,409 bytes removed, 09:57, 23 July 2015
no edit summary
==Part 2: Making sshd More Secure ==
Anytime you configure your computer to allow logins from the network you are leaving yourself '''vulnerable to potential unauthorized access''' by so called "hackers". Running the sshd service is a fairly common practice but '''care must be taken to make things more difficult for those hackers that attempt to use "brute force" attacks to gain access to your system. Hackers use their knowledge of your system and many password guesses to gain access'''. They know which port is likely open to attack (TCP:22), the administrative account name (root), all they need to do is to "guess" the password.<br><br> Making your root password (and all other accounts!) both quite complex but easy to remember is not hard.  The Linux system administrator can also '''Passwords should be a minimum of 8 characters longconfigure the SSH server to make the SSH server more secure'''. Examples include not permitting root login, preferably longer, contain upper and lower case letters, numbers, and special characters. A good example of a strong password might be "LotR3--RotK." This is not that hard to remember as it corresponds to a book title. "Lord of the Rings 3 Return of change the King." The password "P@ssw0rd!" is not as good because it is quite obvious and commondefault port number for ssh.
{|width="40%" align="right"
|- valign="top"
|{{Admon/note |Hardening your Linux Server | Anytime you configure your computer to allow logins from the network you are leaving yourself '''vulnerable to potential unauthorized access''' by so called "hackers". Running the sshd service is a fairly common practice but '''care must be taken to make things more difficult for those hackers that attempt to use "brute force" attacks to gain access to your system. Hackers use their knowledge of your system and many password guesses to gain access'''. They know which port is likely open to attack (TCP:22), the administrative account name (root), all they need to do is to "guess" the password.<br><br> Making your root password (and all other accounts!) both quite complex but easy to remember is not hard. '''Passwords should be a minimum of 8 characters long''', preferably longer, contain upper and lower case letters, numbers, and special characters. A good example of a strong password might be "LotR3--RotK." This is not that hard to remember as it corresponds to a book title. "Lord of the Rings 3 Return of the King." The password "P@ssw0rd!" is not as good because it is quite obvious and common.}}
|}
# For this section, you will still be using your '''centos1''' and '''centos2''' VMs.
# Think of a good quality password and change your root passwords on all 3 VM's to be more secure. (It would be a good idea to do this for non-root accounts also)
13,420
edits