To minimize the possibility of malicious attacks, maintain critical SSH key file permissions on your virtual appliance host machines.

Procedure

  1. Check the SSH public key files by running the following command: #ls -al /etc/ssh/*pub
  2. Verify that the files have the following permissions. 
    -rw-r--r-- 1 root root 609 date and time /etc/ssh/ssh_host_dsa_key.pub
-rw-r--r-- 1 root root 181 date and time /etc/ssh/ssh_host_ecdsa_key.pub
-rw-r--r-- 1 root root 101 date and time /etc/ssh/ssh_host_ed25519_key.pub
-rw-r--r-- 1 root root 401 date and time /etc/ssh/ssh_host_rsa_key.pub
  3. Check the SSH private key files by running the following command: ls -al /etc/ssh/*key
  4. Verify that the files have the following permissions. 
    -rw------- 1 root root  668 date and time /etc/ssh/ssh_host_dsa_key
-rw------- 1 root root  227 date and time /etc/ssh/ssh_host_ecdsa_key
-rw------- 1 root root  411 date and time /etc/ssh/ssh_host_ed25519_key
-rw------- 1 root root 1679 date and time /etc/ssh/ssh_host_rsa_key
  5. Check the SSH configuration files by running the following command: #lls -al /etc/ssh/*config
  6. Verify that the files have the following permissions. 
    -rw-r--r-- 1 root root 1914 date and time /etc/ssh/ssh_config
-rw------- 1 root root 3481 date and time /etc/ssh/sshd_config