SSHD Intrusion Prevention
First version: 2006/11/23
There are many bots out on the internet that scan for Linux hosts and attempt automated sign-ins to machines using common usernames and dictionary passwords. It is tough to lock those bots out while still allowing users to sign into a machine.
To close that loophole in a system's security, there are a couple of things to do. First of all, be sure that telnet access to the machine has been turned off. Telnet is not a secure remote access technology, as all traffic, including passwords, is transmitted in the clear.
The alternate form of remote console access to a machine is through an ssh client. The primary ssh protocols are ssh1 and ssh2, with the second being more secure than the first. With the ssh daemon running on a machine in its standard configuration, the bots can still attempt username and password scans and possibly, through luck of the draw, gain access. Encrypting usernames and passwords in transit does not stop the bots from guessing them.
In a related article regarding Putty SideKicks, I wrote about how to create public/private key-pairs. This key-pair concept is required for implementing this solution.
Make sure the authorized_keys file in the user's .ssh directory has been updated with their public key. Then, in the sshd_config file, there is an entry called 'PasswordAuthentication'. It is typically set to 'yes'. Set it to 'no', and restart the sshd daemon.
This will prevent all password based logins to a server. Only users with pre-arranged public/private key-pairs will be allowed access to the server.
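A pre-flight check for the change above, as an added example that is not part of the original article: it reads the global PasswordAuthentication value the way sshd does (the first occurrence of a keyword wins, and the default is 'yes' when the line is absent or commented out) and confirms a key is present in authorized_keys before the restart. The function names and the sample files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original article): checks to run before restarting sshd.

# Print the global value of keyword $2 in sshd_config file $1 ($3 = default if unset).
# sshd keeps the first value it reads for a keyword, keywords are case-insensitive,
# and everything after a "Match" line is conditional, so parsing stops there.
sshd_global_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key); val = def }
        /^[ \t]*#/ { next }
        { k = tolower($1) }
        k == "match" { exit }
        k == key { val = tolower($2); exit }
        END { print val }
    ' "$1"
}

# Count non-comment public-key lines in authorized_keys file $1 (0 if unreadable).
count_authorized_keys() {
    [ -r "$1" ] || { echo 0; return 0; }
    grep -v '^[[:space:]]*#' "$1" |
        grep -Ec '(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[a-z0-9-]+) +[A-Za-z0-9+/=]+' || true
}

# Succeed only if password logins are off AND the user has a key installed,
# so the restart neither leaves passwords enabled nor locks the user out.
preflight() {
    pw=$(sshd_global_value "$1" PasswordAuthentication yes)
    keys=$(count_authorized_keys "$2")
    echo "PasswordAuthentication=$pw keys=$keys"
    [ "$pw" = "no" ] && [ "$keys" -gt 0 ]
}

# Constructed sample files, so the example runs offline without touching /etc/ssh.
d=$(mktemp -d)
printf '%s\n' '# constructed' 'Port 22' 'passwordauthentication no' \
    'PasswordAuthentication yes' 'Match User backup' \
    '    PasswordAuthentication yes' > "$d/good_config"
printf '%s\n' 'Port 22' '#PasswordAuthentication no' > "$d/commented_config"
printf '%s\n' '# constructed, not a real key' \
    'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyOnly alice@example' \
    > "$d/authorized_keys"

preflight "$d/good_config" "$d/authorized_keys" && echo "ok to restart sshd"
preflight "$d/commented_config" "$d/authorized_keys" || echo "passwords still on"
preflight "$d/good_config" "$d/missing" || echo "no key installed: would lock out"
```

On a live host, point the functions at the real sshd_config and the user's authorized_keys, and run `sshd -t` to validate the file's syntax before restarting the daemon.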
This closes down one form of unauthorized access to a server. However, other remotely accessible applications on a server still need evaluation to determine their risk in permitting server intrusions.