SSH Access Configuration in Virtualmin
Virtualmin is a powerful server management tool that allows you to manage multiple domains and services from an intuitive web interface. Configuring SSH access is one of the most critical aspects to consider when managing a server, as it enables secure and encrypted connections for remote management. In this article, we will detail how to configure SSH access in Virtualmin, covering everything from generating SSH keys to connection security and access monitoring.
Generating SSH Keys
Using SSH keys is one of the best practices for securely authenticating users on a server. SSH keys are cryptographic key pairs that ensure the integrity and confidentiality of SSH connections.
What is an SSH Key?
An SSH key consists of two parts: a private key that must be kept secure and a public key that can be distributed. Authentication is performed by verifying the public key on the server and the private key on the client.
Generating SSH Keys in Virtualmin
- Accessing Virtualmin: Log in to Virtualmin through your web browser.
- Navigating to SSH Administration: Go to
Webmin > Servers > SSH Server. - Authentication Configuration: Select the tab
Authenticationand then click onGenerate a new key pair. - Generate the Key: Select the key type (usually RSA is a secure option) and the key size (at least 2048 bits). Enter a passphrase if you desire greater security.
- Saving the Keys: Export the public key and save it on your server in the file
~/.ssh/authorized_keysfor the user. The private key must be saved in a secure location on the client machine.
Permission Configuration
Once SSH keys are generated, it is essential to configure permissions appropriately to ensure that only authorized users can access the server.
Scheduling authorized_keys
- Edit File
authorized_keys: Log in to your server as the user you wish to configure and edit the file~/.ssh/authorized_keysto include the newly generated public key. - File Permissions: Ensure that the file
authorized_keyshas 600 permissions (only the owner can read and write).
chmod 600 ~/.ssh/authorized_keys- Directory Permissions: Ensure that the directory
~/.sshhas 700 permissions (only the owner can read, write, and execute).
chmod 700 ~/.sshPermission Configuration in Virtualmin
- Accessing SSH Server Configuration: Go to
Webmin > Servers > SSH Server. - Access Control: In the tab
Access Control, you can specify which users or groups are permitted to log in via SSH.
SSH Connection Security
SSH connection security is fundamental to protecting your server against unauthorized access. Below are some best practices and configurations you can apply in Virtualmin to improve security.
Disabling Password Access
Once SSH keys are configured, it is recommended to disable password access to prevent brute-force attacks.
- Edit SSH Configuration: Go to
Webmin > Servers > SSH Server > Authentication. - Disable Password Access: Uncheck the option
PasswordAuthenticationand ensure thatPermitRootLoginis set toprohibit-password.
Changing the Default Port
Changing the default port (22) can reduce the number of unauthorized access attempts.
- Edit SSH Configuration: Go to
Webmin > Servers > SSH Server > Networking. - Change the port: Enter a new port number in the field
Port.
Port 2222 (for example)Configuring the Firewall
Ensure that only authorized IP addresses can access the new SSH port. This can be configured through your server's firewall.
- Accessing the Firewall: Go to
Webmin > Networking > Linux Firewall. - Configure Rules: Add rules to allow traffic on the SSH port and from authorized IPs.
Using Fail2Ban
Fail2Ban is a tool that can block IP addresses showing signs of malicious activity, such as multiple failed login attempts.
- Install Fail2Ban:
sudo apt-get install fail2ban- Configure Fail2Ban: Edit the file
/etc/fail2ban/jail.localto include specific rules for SSH
[sshd]
enabled = true
port = 2222
logpath = /var/log/auth.log
maxretry = 3Using Two-Factor Authentication (2FA)
For an additional layer of security, consider implementing two-factor authentication (2FA). This can be done using Google Authenticator or any other tool compatible with SSH.
Access Monitoring
Monitoring SSH access is crucial for quickly detecting and responding to any suspicious activity.
SSH Logs
SSH access logs are generally found in /var/log/auth.log o /var/log/secure depending on the operating system distribution.
- Reviewing Logs: You can manually review logs using tools like
grep.
grep "Failed password" /var/log/auth.logConfiguration in Virtualmin
Virtualmin allows configuration of notifications for specific events, which can be useful for monitoring SSH access.
- Accessing Notifications: Go to
Webmin > System > System and Server Status. - Configure Notifications: Select
Scheduled Monitoringand configure notifications for SSH events.
Using Monitoring Tools
For more advanced monitoring, tools like Nagios, Zabbix o Prometheus can be integrated to offer real-time monitoring and alerts.
Conclusion
Proper configuration of SSH access in Virtualmin is essential to secure your server and protect it against unauthorized access. From generating SSH keys to configuring permissions and implementing security measures, every step is crucial to maintaining the integrity and security of your server environment. Don't forget to regularly monitor access and always stay informed about security best practices to ensure your server remains secure.
Implementing these configurations will not only protect your server but also give you the peace of mind of knowing your environment is secure and under control.
Related Posts:
- How to Manage User Permissions in Virtualmin: Creation, Permission Assignment, Role Management, and Access Auditing
- File Transfer Security in Virtualmin: SFTP/FTPS Configuration, Permission Management, Encryption, and Security Monitoring
- Configuring LDAP Authentication in Virtualmin: Installation, User Management, and Access Monitoring
- How to Audit Security in Virtualmin: Configuration Review, Access Monitoring, and Log Analysis

