[SOLVED] ssh hardening !

atec666

Member
Mar 8, 2019
73
2
8
Issoire
with proxmox mail gateway is it possible to setup sshd_config without kiling cluster features an stuff etc ?

with those modifications :

PermitRootLogin prohibit-password
PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
 
Last edited:

dcsapak

Proxmox Staff Member
Staff member
Feb 1, 2016
4,298
390
103
31
Vienna
yes this should work, as long as passwordless ssh between the nodes work
 

oguz

Proxmox Staff Member
Staff member
Nov 19, 2018
1,266
139
63
you can also install fail2ban to stop brute-force attacks
 

LnxBil

Famous Member
Feb 21, 2015
4,439
447
103
Germany
you can also install fail2ban to stop brute-force attacks
and additionally only allow special IP addresses or ranges to connect to your service. Fail2ban is nice, but blocking 99,99% of the attack surface also works nice.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!