I have sshd set up on my machine at home. Instead of the default port 22, I uninstalled telnetd and run sshd on 23. I do this mostly because I want to ssh into my machine from work where they don't open port 22 on the firewall. They do however allow telnet to the outside. I have commented out everything in inetd.conf, set up hosts.allow / hosts.deny so that only specific ips can connect. I made sure using netstat -an that only port 23 was open. I set up my hardware firewall to block all requests except for ones coming on 23. For those, it is redirecting to my debian machine. I configured sshd to allow only RSA key authentication and disabled root login. I also increased the host key size to 1024.
Is there anything else I can do to harden my setup, either on the firewall or on the server? TIA Vinh
