Categories
Linux

Password-less SSH login to your VPS

A lot of Web devs and App devs probably login to their VPS or Cloud Server with SSH very frequently to deploy their apps or maintain the server. Needing to type the password everytime could be¬†crumblesome and insecure. I’ll show you how to how to setup password-less SSH login and some more practical usage. This article applies to Linux and Mac users.

The steps

In your machine, use the following command

Categories
Linux

Protect your server from SSH attack

Today I have found that there is an IP in Turkey keep trying to login to my server, and I’ve found that my current settings has no protection against this brute-force login, so I did a Google search on this and would like to share with you guys.

To check if your server is currently being attacked via ssh, use this command

> tcpdump port ssh

sshd config

In CentOS, the sshd config is located at /etc/ssh/sshd_config, I have uncommented the following lines:

you can also limit root access, allow only certain IP to access the ssh etc, however I’m using dynamic IP ISP and I’m used to root ssh access, so I only use these settings.

IPTables protection

Relying only on sshd_config is not enough, the attack host still keep sending login requests and could possibly paralyse the network traffic of linux box. I need to find a way to