Sshbastion

From HoerupWiki
Revision as of 20:46, 28 October 2017 by Torben (talk | contribs)
Jump to: navigation, search

ref

sshd basic

  • make sure ssh root is cert only or disabled
  • PermitRootLogin prohibit-password
  • AllowTcpForwarding no
  • X11Forwarding no
  • Only allow certain group to ssh
  • AllowGroups sshusers


proc

Make sure users can't see other users processes:

  • proc /proc proc defaults,hidepid=2 0 0