Harden (Smart City, 150p)

During regular systems audits, it was discovered that one of the DEV jumphosts does not meet the security baseline.
Therefore this system must be hardened.
Harden the SSH configuration so that it meets the baseline.
* Make sure that root login is disabled
* disable password authentication
Add this public key so that the user: sysadmin is able to log in with their private key

SSH access:
Hostname: envXXX.target02
Port: 2224
Username: sysadmin
Password: Cool2Pass

solution

Connect to SSH server. 

# ssh -p 2224 sysadmin@envXXX.target02
sysadmin@envXXX.target02's password: Cool2Pass
To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.

sysadmin@secure-jumphost:~$

Add public key as authroized key. 

sysadmin@secure-jumphost:~$ mkdir -p .ssh
sysadmin@secure-jumphost:~$ curl -so .ssh/authorized_keys http://shared.target05/cboe22/id_rsa.pub

Add PermitRootLogin yes and PasswordAuthentication no to /etc/ssh/sshd_config. 

sysadmin@secure-jumphost:~$ sudo vim /etc/ssh/sshd_config

Restart sshd service. 

sysadmin@secure-jumphost:~$ sudo service ssh restart
[sudo] password for sysadmin: Cool2Pass
 * Restarting OpenBSD Secure Shell server sshd

Done.

Buy Me A Coffee