Rationale

If you intend to allow SSH connections to IGEL OS, there are a number of options that can make these more secure.

Instructions

To secure the SSH settings of your devices, make as many of the following settings as possible for your use case

  1. In IGEL Setup go to System > Remote Access > SSH.
  2. Deactivate Permit empty passwords.
  3. Deactivate Permit administrator login.
  4. Deny User access for user, who can execute any command with regular user privileges.
  5. Allow User access for ruser, whose access is restricted by the list Applications access for remote user 'ruser'.
  6. Where needed, edit the list Applications access for remote user 'ruser'. It defines the commands that ruser can run from remote. By default, a local shell (localshell) and IGEL Setup (/config/sessions/setup0) are allowed.
  7. Click Apply.
  8. Go to Security > Password, under User Account for Remote Access activate Use Password and set a password
  9. Click Apply.