To configure the timeout for SSH sessions, let’s see where the SSH server configuration file is located:
sudo find / -name sshd_config
Open it in any text editor, for example nano:
sudo nano /etc/ssh/sshd_config
Category Archives: Security
How to disconnect SSH user
Let’s say that several users are connected through SSH.
First look at the list of online users:
w
Suppose the following information is displayed (where test is the user’s login):
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT test tty1 11:20 1:07 0.03s 0.03s -bash test pts/0 192.168.1.5 11:21 13.00s 0.02s 0.02s -bash test pts/1 192.168.1.3 11:21 0.00s 0.02s 0.00s w
tty1 – it is a client logged in locally, that is, it is located near the computer.
pts/1 – judging for example on IP and WHAT, let’s assume that it’s us, accordingly pts/0 is the client of which we want to disconnect.
See the list of processes and their PID:
ps faux |grep sshd
At me it was displayed:
root 946 0.0 0.5 65508 5368 ? Ss 12:00 0:00 /usr/sbin/sshd -D root 1147 0.0 0.6 92828 6920 ? Ss 12:01 0:00 \_ sshd: test [priv] test 1178 0.0 0.3 92828 3384 ? S 12:01 0:00 | \_ sshd: test@pts/0 root 1192 0.0 0.6 92828 6592 ? Ss 12:02 0:00 \_ sshd: test [priv] test 1223 0.0 0.3 92828 3532 ? S 12:02 0:00 \_ sshd: test@pts/1 test 1248 0.0 0.0 15468 956 pts/1 S+ 12:25 0:00 \_ grep --color=auto sshd
We find test@pts/0 and accordingly 1178 is the required PID.
We terminate the process by specifying its ID, after which the user will immediately disconnect:
sudo kill -9 1178
See also my articles:
Configuring SSH session timeout
Installing and Configuring SSH
Installing and using ClamAV antivirus
Clam AntiVirus — a package of antivirus software running on many operating systems.
Continue reading “Installing and using ClamAV antivirus”Configuring Fail2Ban for Bind9
Suppose Fail2Ban is already installed, if not, then see my article – Installing and Configuring Fail2ban.
By default, Bind9 does not write logs, so open its configuration file in any text editor:
Continue reading “Configuring Fail2Ban for Bind9”How to find iPhone from a computer?
To see from the computer where the iPhone is located:
Continue reading “How to find iPhone from a computer?”Installing Certbot in Ubuntu
On the test I will install ACME client Certbot in Ubuntu 16.04 (xenial), which will help to get Free SSL certificates Let’s Encrypt for 90 days and automatically update them.
For other versions of Ubuntu, the Certbot client is installed similarly.
Installing and Configuring Let’s Encrypt SSL
On the test I will install Let’s Encrypt which allows you to install free SSL certificates for 90 days and automatically re-issue them.
Continue reading “Installing and Configuring Let’s Encrypt SSL”Removing exploits from Ubiquiti devices
Once I noticed the spread of the virus/exploit on the network with Ubiquiti devices. Exploit using a vulnerability in older versions of firmware copied itself to other devices and from them attacked the following.
Continue reading “Removing exploits from Ubiquiti devices”Installing and Configuring Fail2ban
In this article, I will provide an example of how to install and configure Fail2ban.
Continue reading “Installing and Configuring Fail2ban”Configuring Fail2Ban for ProFTPd
Suppose Fail2Ban is already installed, if not, then see my article – Installing and Configuring Fail2ban.
In Fail2Ban by default, there are already filters for ProFTPd and it knows that the log file is located at /var/log/proftpd/proftpd.log, so it’s enough to create the file:
sudo nano /etc/fail2ban/jail.d/proftpd.local
And enter the data below, thereby activating the check of the log file /var/log/proftpd/proftpd.log:
[proftpd] enabled = true bantime = 86400
Restart Fail2Ban to apply the changes:
sudo service fail2ban restart
You can check the status:
sudo fail2ban-client status proftpd