Security

In an ideal world, all your clients would run the latest version of SSH and use ssh protocol 2, as that is the current default. That makes life much safer and easier.

Don’t Trust Users’ Known Hosts File

Furthermore, clients that don’t use SSH protocol 2 should not be considered particularly trustworthy, since there are many known exploits in protocol 1. Adding IgnoreUserKnownHosts to /etc/ssh/sshd_config will force the client to acknowledge the connection and effectively means the server doesn’t trust the client user’s ~/.ssh/known_hosts for RhostsRSAAuthentication. The two modified lines now look like this:

Protocol 2
IgnoreUserKnownHosts yes

Adding Iron

Maximal security is ideal. Never allow insecure protocol 1, don’t allow root logins, ignore Rhosts, and use Strict mode in production:

# The /etc/ssh/sshd_config that accepts only protocol 2
# Allow only protocol 2
Protocol 2
# Never allow root to ssh directly
PermitRootLogin no
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
IgnoreUserKnownHosts yes
# Disable tunneled clear text passwords, make em use passphrases!
PasswordAuthentication no
# Be a StrictMode disciplinarian
PermitEmptyPasswords no
StrictModes yes
X11Forwarding no
# Only allow certain users and groups; with both set, a user must pass both checks
AllowUsers joe bob elaine
AllowGroups admin

Of course these settings don’t guarantee your ssh server will be uncompromisable, but they should help.
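
As an added example (not part of the original article or of OpenSSH), the Python script below checks the text of an sshd_config against the settings listed above. The function names and the sample config are constructed for illustration; it reads only the global section and follows sshd's rule that the first value read for a keyword wins.

```python
# Baseline values copied from the hardened config above.
BASELINE = {
    "protocol": "2", "permitrootlogin": "no", "ignorerhosts": "yes",
    "ignoreuserknownhosts": "yes", "passwordauthentication": "no",
    "permitemptypasswords": "no", "strictmodes": "yes", "x11forwarding": "no",
}

def parse_global(text):
    """Return {keyword: value} for the global section of an sshd_config."""
    # sshd keeps the first value it reads for a keyword, keywords are
    # case-insensitive, and the first Match line ends the global section.
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        if key == "match":
            break
        seen.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return seen

def audit(text):
    """Map each baseline keyword to 'ok', 'unset', or the offending value."""
    seen = parse_global(text)
    report = {}
    for key, want in BASELINE.items():
        got = seen.get(key)
        if got is None:
            report[key] = "unset"  # the default depends on the sshd version
        else:
            report[key] = "ok" if got.lower() == want else got
    return report

# Constructed sample input, not taken from a real host.
SAMPLE = """\
Protocol 2,1
permitrootlogin yes
PermitRootLogin no
IgnoreRhosts yes
PasswordAuthentication no
Match User backup
    X11Forwarding no
"""

if __name__ == "__main__":
    for key, status in audit(SAMPLE).items():
        print(f"{key:24} {status}")
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check; this parser is for reviewing a file offline.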