First of all, you should always restrict who may log in using ssh. To do that add the following line to your /etc/ssh/sshd_config:
If nothing else this will not enable password scanners to guess the root password.
AllowUsers user1 user2 user3@source-ip
Use the following to disable password login (and enable for example only public key login):
Match User user3 The following will speed up logins:
It goes in the same file, but using this option you will not see the reverse names in your auth log - which are useless anyway most of the time.
Sometimes speed is more important than strong encryption, for example if you use SFTP to copy big files with not-so-secret content.
To do that open your /etc/ssh/ssh_config and add the following to the beginning:
According to my tests, this configuration speeds up on a 100mbit connection the copying from 3.3MByte/s to 9.8MByte/s where an unencrypted FTP copies with 11.2MByte/s. So it can save you a lot of time.
Host somename1 somename2 192.168.*.*
You can also relax the default config to every host if you want, add the following lines to your Host * section:
If you do add these lines there is no need to add the Compression and Macs parameters to the previous sections, these will be the default.
Last edited by perpeton at 2016-10-18 11:49 GMT