Tuesday, December 7, 2010

BASH customizing: Spice up the way your bash looks

Display multiple colors in bash shell prompt

Add this line to your .bashrc file (every non-printing escape is wrapped in \[ ... \] so bash does not count it towards the prompt width, which otherwise garbles line editing):
# Prompt line with a green (42) background: two lines, terminal title is the full path of pwd
PS1='\[\e[42m\]\d \@ \! \# \[\033]0;\h:\w\007\]\u@\h:\w\[\e[0;0m\]\nbash$ '

To change the background color of the prompt line, use a value from 40 to 47 (the ANSI background colors) instead of 42 in "\e[42m".

\d - the date
\@ - the current time
\! - the history number of the command
\# - the command number of this command
\u@\h - username@hostname (useful when you use scp to copy files between workstations)
\w - current working directory (full path)
\e[0;0m - color ends here so that your shell color is not changed after the prompt
\n - end of line; puts the cursor on the next line so that you have more space to type
bash$ - just a prompt word and a space for you to type after

Change the prompt color using tput

You can also change color of the PS1 prompt using tput as shown below:
$ export PS1="\[$(tput bold)$(tput setb 4)$(tput setaf 7)\]\u@\h:\w $ \[$(tput sgr0)\]"
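The two prompts above both rely on the \[ ... \] markers to hide escape sequences from bash's width calculation. The following is an added example, not code from the original post: a small builder that emits the two-line prompt for any background color in the 40 to 47 range and refuses anything else, plus a linter that strips the bracketed spans and reports whether any color or title escape was left unbracketed. The function names make_ps1, strip_nonprinting and ps1_lint are assumptions for this example.

```shell
#!/bin/sh
# Build and sanity-check a bash PS1 with colored, bracketed escape sequences.
# Example helper code; function names are this example's own choice.

# Usage: PS1=$(make_ps1 42)   # 40..47 are the ANSI background colors
make_ps1() {
    bg=$1
    case "$bg" in
        4[0-7]) ;;
        *) echo "make_ps1: background color must be 40..47, got '$bg'" >&2; return 1 ;;
    esac
    # \e[<bg>m starts the background color, \033]0;...\007 sets the terminal
    # title, \e[0m resets the color; each of them sits inside \[ ... \].
    printf '%s' "\\[\\e[${bg}m\\]\\d \\@ \\! \\# \\[\\033]0;\\h:\\w\\007\\]\\u@\\h:\\w\\[\\e[0m\\]\\nbash\$ "
}

# Remove every \[ ... \] span, leaving only what bash counts as visible.
strip_nonprinting() {
    s=$1
    out=""
    while case "$s" in *"\["*) true ;; *) false ;; esac; do
        out="$out${s%%"\["*}"   # text before the next \[
        s=${s#*"\["}            # drop through the \[
        s=${s#*"\]"}            # drop the hidden span and its \]
    done
    printf '%s' "$out$s"
}

# Return 0 if no escape sequence is left outside \[ ... \], 1 otherwise.
ps1_lint() {
    case "$(strip_nonprinting "$1")" in
        *'\e['*|*'\033'*|*'\007'*) return 1 ;;
    esac
    return 0
}

# Stand-alone demo: print the prompt string and the lint verdict for it
# and for the unbracketed variant.
if [ "${1:-}" = "demo" ]; then
    p=$(make_ps1 42)
    printf 'PS1=%s\n' "$p"
    ps1_lint "$p" && echo "bracketed prompt: ok"
    ps1_lint '\e[42m\u@\h:\w\e[0m$ ' || echo "unbracketed prompt: escapes leak into width"
fi
```

Run it as `sh prompt.sh demo` to see both verdicts; the unbracketed prompt is exactly what causes wrapped command lines to overwrite the prompt.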


Monday, December 6, 2010

Security solution for preventing remote ssh brute force attack on OpenSUSE Linux

If you see a lot of brute-force attempts in your /var/log/messages file,
you may want to beef up your security. I followed these steps to keep
the nasty intruders at bay.
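Before changing anything it helps to know which sources are hammering the daemon. The following is an added example, not part of the original post: an awk one-liner wrapped in a shell function that counts "Failed password" lines per source address in syslog-style output and lists the sources at or above a threshold. The log lines are constructed samples in the OpenSUSE /var/log/messages layout using RFC 5737 documentation addresses; the function names are this example's own.

```shell
#!/bin/sh
# Summarize failed SSH password attempts per source address from
# syslog-style sshd lines. Example code; not from the original post.

# Constructed sample lines in the /var/log/messages layout (test addresses only).
sample_messages() {
    cat <<'EOF'
Dec  6 10:15:02 suse sshd[4121]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Dec  6 10:15:04 suse sshd[4121]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Dec  6 10:15:05 suse sshd[4123]: Failed password for root from 203.0.113.5 port 51240 ssh2
Dec  6 10:15:09 suse sshd[4125]: Failed password for invalid user oracle from 203.0.113.5 port 51251 ssh2
Dec  6 10:16:11 suse sshd[4130]: Failed password for bob from 198.51.100.7 port 40022 ssh2
Dec  6 10:16:14 suse sshd[4130]: Failed password for bob from 198.51.100.7 port 40022 ssh2
Dec  6 10:17:30 suse sshd[4140]: Accepted publickey for alice from 192.0.2.9 port 39110 ssh2
Dec  6 10:17:52 suse sshd[4142]: Failed password for alice from 192.0.2.9 port 39115 ssh2
Dec  6 10:18:00 suse cron[4150]: (root) CMD (run-parts /etc/cron.hourly)
EOF
}

# Usage: brute_force_sources [threshold] < logfile
# Prints "<count> <address>" for every source with at least <threshold>
# failed password attempts (default 5), most active first.
brute_force_sources() {
    threshold=${1:-5}
    awk -v t="$threshold" '
        /sshd\[[0-9]+\]: Failed password for/ {
            # the source address is the field right after "from"
            for (i = 1; i <= NF; i++) if ($i == "from") { fails[$(i + 1)]++; break }
        }
        END { for (ip in fails) if (fails[ip] >= t) printf "%d %s\n", fails[ip], ip }
    ' | sort -rn
}

# Stand-alone demo against the constructed sample.
if [ "${1:-}" = "demo" ]; then
    echo "sources with 3 or more failed passwords:"
    sample_messages | brute_force_sources 3
fi
```

On a real host run `brute_force_sources 10 < /var/log/messages`; a single address showing hundreds of failures for accounts that do not exist is the pattern the hardening steps below are meant to blunt.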

The system-wide configuration of the OpenSSH server daemon (sshd) is located in the file
/etc/ssh/sshd_config. Edit the file to change the default parameters.

AllowUsers username1 username2
The option AllowUsers specifies and controls which users can
access ssh services. Multiple users can be specified, separated by

PermitRootLogin no
The option PermitRootLogin specifies whether root can log in using
ssh. Never say yes to this option.

Port 22
The default TCP port used by SSH is 22. It is understandable
therefore that practically all anonymous SSH brute force attempts are
only targeting TCP port 22. While we do not generally consider running
the service on an alternative port a reliable measure to enhance SSH
password authentication security long-term, it can offer some limited
protection. We consider this a short term hack and ideally a site with
a sound security posture would not need to change this option.

(After changing the port you need to pass it to the client explicitly, e.g. ssh -p port# host.)

MaxStartups 5
Specifies the maximum number of concurrent unauthenticated connections
to the sshd daemon. Additional connections will be dropped until
authentication succeeds or the LoginGraceTime expires for a
connection. The default is 10.

LogLevel INFO
The option LogLevel specifies the level that is used when logging
messages from sshd. INFO is a good choice. See the man page for sshd
for more information on other possibilities.
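To verify that a box actually carries the settings listed above, the following added example (not from the original post) audits the global section of an sshd_config: it resolves each directive the way sshd does (first occurrence wins, keys are case-insensitive, comments ignored), stops at the first Match block because Match-scoped overrides need a separate review, and reports any of the four settings that is missing or weaker than recommended. The sample configurations it writes are constructed, and the function names sshd_option, audit_sshd_config and write_sample_config are this example's own.

```shell
#!/bin/sh
# Audit the global section of an sshd_config for the settings discussed
# above. Example code; not the project's own tooling.

# Effective value of one directive, or nothing if it is unset.
# First match wins (as in sshd), keys are case-insensitive, comments and
# blank lines are skipped, and reading stops at the first Match block.
sshd_option() {
    file=$1
    key=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    awk -v key="$key" '
        /^[[:space:]]*(#|$)/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == key { $1 = ""; sub(/^[[:space:]]+/, ""); print; exit }
    ' "$file"
}

findings=0
report() { echo "$1"; findings=$((findings + 1)); }

# Print one line per finding; return 0 only when nothing needs attention.
audit_sshd_config() {
    file=$1
    findings=0

    v=$(sshd_option "$file" PermitRootLogin)
    [ "$v" = "no" ] || report "PermitRootLogin: '${v:-unset}' (expected: no)"

    v=$(sshd_option "$file" AllowUsers)
    [ -n "$v" ] || report "AllowUsers: unset (every account with a shell can attempt a login)"

    v=$(sshd_option "$file" MaxStartups)
    [ -n "$v" ] || report "MaxStartups: unset (sshd default of 10 unauthenticated connections)"

    v=$(sshd_option "$file" LogLevel | tr '[:lower:]' '[:upper:]')
    case "$v" in
        QUIET|FATAL|ERROR) report "LogLevel: $v logs less than INFO; failed logins would not be recorded" ;;
    esac

    [ "$findings" -eq 0 ]
}

# Constructed sample configs: "weak" looks like an untouched default file,
# "hardened" carries the settings from this post. $2 is the destination path.
write_sample_config() {
    case "$1" in
        weak) cat > "$2" <<'EOF'
# constructed sample: commented-out defaults only
#PermitRootLogin no
Port 22
LogLevel ERROR
EOF
        ;;
        hardened) cat > "$2" <<'EOF'
# constructed sample: settings recommended above
AllowUsers alice bob
PermitRootLogin no
Port 2222
MaxStartups 5
LogLevel INFO
Match Address 192.0.2.0/24
    PasswordAuthentication yes
EOF
        ;;
    esac
}

# Stand-alone demo: audit both samples, or a real file given as argument.
if [ "${1:-}" = "demo" ]; then
    for kind in weak hardened; do
        f=$(mktemp); write_sample_config "$kind" "$f"
        echo "== $kind =="; audit_sshd_config "$f" && echo "no findings"
        rm -f "$f"
    done
elif [ -n "${1:-}" ]; then
    audit_sshd_config "$1"
fi
```

Run `sh sshd_audit.sh /etc/ssh/sshd_config` on the host after editing; the exit status is non-zero whenever a finding is printed, so it can sit in a cron job or a configuration-management check.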