Archive for the tag 'SSH'

SBDavid
Jul 14th, 2012

Set Idle Timeout Interval for User Logins

Set Idle Timeout Interval for User Logins

SSH allows administrators to set an idle timeout interval. After this interval has passed, the idle user will be
automatically logged out.

Find and edit the following lines in /etc/ssh/sshd_config as follows:

ClientAliveInterval interval
ClientAliveCountMax 0

The timeout interval is given in seconds. To have a timeout of 5 minutes, set interval to 300.

SBDavid
Sep 12th, 2011

How to restore your SSH access using WHM Autofixer

How to restore your SSH access using WHM Autofixer

If you are locked out and can’t SSH to your server, WHM Autofixer may help you!

Here is process to restore SSH settings and access.

1. Login to your WHM using the following URL:

https://HOSTNAME-OR-IP:2087/scripts2/autofixer

Change the HOSTNAME-OR-IP as appropriate for you.

2. In the Autofixer interface, put the name safesshrestart as shown on the image.

WHM SSH Autofixer

3. Hit the Submit button.

This will restore your SSH configuration and restart your sshd! You should be able to login easily after that!

SBDavid
Oct 25th, 2010

Limit SSH access By IP Address

Limit SSH access By IP Address

Secure your server more, and prevent brute force attacks, you can limit SSHd to certain IP addresses by manipulating the /etc/hosts.allow file and the /etc/hosts.deny file.

Open /etc/hosts.allow

Use the following command to open the hosts.allow file:

vi /etc/hosts.allow

Once this file is open, add the following line:

SSHD : ipaddress : ALLOW

Open /etc/hosts.deny

Use the following command to open the hosts.deny file:

vi /etc/hosts.deny

Once it opens, add the following line to the file:

SSHD : ALL : DENY

Save and exit, and you have successfully limited SSH access by IP address.

SBDavid
Jul 23rd, 2010

Changing the SSH Port Number

Changing the SSH Port Number

To change the SSH port number login as root, and edit /etc/ssh/sshd_config

Find the line that says Port 22 and change 22 to any number between 1024->65535 (above 30000 is best) and save the file.

Once done, run:

/etc/init.d/sshd restart

Now start a new SSH session (don’t close your existing one), to make sure that you can get in.

-p port
Port to connect to on the remote host. This can be specified on a per-host basis in the configuration file.

SBDavid
Jul 19th, 2010

Adding SPF records for a user via SSH in Cpanel servers

Adding SPF records for a user via SSH in Cpanel servers

SPF (Sender Policy Framework): A feature that allows a recipient server to verify that an email message has really been sent from the domain specified in the From: field. Enabling SPF can prevent your server from receiving replies to spam that has forged your domain name as part of the sender’s address. SPF only works if both the sending and receiving mail servers have SPF enabled.

Login to your cpanel server as root user.

/usr/local/cpanel/bin/spf_installer USERNAME

Next »