The document discusses securing SSH access by changing default SSH keys. It provides steps to move the existing ssh_host_* keys to a past_keys folder. Then it instructs to regenerate new SSH keys using the dpkg-reconfigure openssh-server command. Finally, it recommends verifying the new keys are different than the old ones by comparing the MD5 hashes of the keys.
The document discusses securing SSH access by changing default SSH keys. It provides steps to move the existing ssh_host_* keys to a past_keys folder. Then it instructs to regenerate new SSH keys using the dpkg-reconfigure openssh-server command. Finally, it recommends verifying the new keys are different than the old ones by comparing the MD5 hashes of the keys.
The document discusses securing SSH access by changing default SSH keys. It provides steps to move the existing ssh_host_* keys to a past_keys folder. Then it instructs to regenerate new SSH keys using the dpkg-reconfigure openssh-server command. Finally, it recommends verifying the new keys are different than the old ones by comparing the MD5 hashes of the keys.
Introduction : SSH is a powerful security tool, protecting privileged access to mission critical systems. However, when it is not properly managed, it can become a security liability instead of asset, Most SSH server and client implementations (e.g., OpenSSH) include a significant number of configuration parameters which impact operation and security, including options for authentication, root access, port forwarding, file locations, etc. Fortunately, over the years, most SSH implementation developers have selected default configurations that are more secure. However, there are a couple of defaults, such as port forwarding and the location of authorized key files, that are not optimal. In addition, if your users and administrators arbitrarily change those configurations without considering the security implications, they can open those systems to broader attacks. The SSH keys we need to change are located in the /etc/ssh directory We can navigate to this directory in our command terminal by running the command “cd /etc/ssh” and then running the “ls” command to list the contents in the directory. The keys we need to replace are the ones labeled ssh_host_* we want to replace these keys, we do not want to immediately delete them. Instead, we will create a folder in the /etc/ssh directory and move those keys into that folder. We can do that with the command “mkdir past_keys” to make the folder. Next, run the command “mv ssh_host_* /etc/ssh/past_keys”. This will move the keys we want to change into the folder we just created. Finally, if we run “ls past_keys, you can find the keys there. Now that the keys have been successfully moved, we can move forward to the next step. Now we need to create new keys. In the terminal, run the command “dpkg-reconfigure openssh-server” we do want to confirm that new SSH keys are indeed new. To do that, we check the MD5 hashes of the new keys and compare them to the default one we moved earlier. In command terminal and in the /etc/ssh directory, enter the command “md5sum ssh_host_*”. We will see the MD5 hash values for the SSH keys we just created. Now, let’s compare those values to the old keys. we Type “md5sum /etc/ssh/past_keys/ssh_host_*”. When those values pop up,we compare each one from the newly created keys to the default keys in the “past_keys” folder.