linuxonazure

apache apache-python apache-secure autofs btrfs cdn-django couchdb create delete dhcp dns-bind dns-unbound dotnetcore elasticsearch elasticsearch-secure elasticsearch-secure-nodes hypervcreate iscsi lvm-ext4 lvm-ext4-snapshot lvm-striping lvm-xfs mariadb mongodb mongodb-secure multi nfs nfs4 ntp openldap postfix public-private pxe python-uwsgi-nginx quota quota-xfs raid-crypto-lvm readme redeploy redis samba samba-azure secure-sshd simple simple-managed-disks squid vsftpd

Lab to secure SSH

SSH is secure over the wire, but this lab is about locking down who can access SSH from where.

This lab uses password security in one instance to make it tests easier-- keys only get in the way at that point.

After this lab (let's call it ssh01), try to run the following:

ssh -p 2222 `azure network public-ip list | awk '{ print $10 }' | grep ssh01`

Nothing.

Try to run /root/connect.sh. That will work.

There's the Azure NSG security, the firewall security, the SELinux security, the hosts.allow security and the AllowUsers security.

Deploy to Azure
apache apache-python apache-secure autofs btrfs cdn-django couchdb create delete dhcp dns-bind dns-unbound dotnetcore elasticsearch elasticsearch-secure elasticsearch-secure-nodes hypervcreate iscsi lvm-ext4 lvm-ext4-snapshot lvm-striping lvm-xfs mariadb mongodb mongodb-secure multi nfs nfs4 ntp openldap postfix public-private pxe python-uwsgi-nginx quota quota-xfs raid-crypto-lvm readme redeploy redis samba samba-azure secure-sshd simple simple-managed-disks squid vsftpd