Despite the SSH protocol being one of the most secure protocols available today, some misconfigurations can still make the SSH server vulnerable to easy-to-execute attacks. Let us take a look at the following settings:
| Setting | Description |
|---|---|
PasswordAuthentication yes |
Allows password-based authentication. |
PermitEmptyPasswords yes |
Allows the use of empty passwords. |
PermitRootLogin yes |
Allows to log in as the root user. |
Protocol 1 |
Uses an outdated version of encryption. |
X11Forwarding yes |
Allows X11 forwarding for GUI applications. |
AllowTcpForwarding yes |
Allows forwarding of TCP ports. |
PermitTunnel |
Allows tunneling. |
DebianBanner yes |
Displays a specific banner when logging in. |