Node Hardening

This page documents the steps that have been taken on the kube360 cluster to harden the nodes.

Hardening SSH Access

1. Disable SSH Access via Password

First, open the SSH daemon configuration file for editing:

sudo env TERM=xterm nano /etc/ssh/sshd_config

Apply the following changes to ensure only public key authentication is allowed and password authentication is disabled:

# Make sure public key authentication is enabled
PubkeyAuthentication yes

# This is the main setting to disable passwords
PasswordAuthentication no

2. Restart the SSH Service

After saving the configuration changes, restart the SSH service to apply them:

sudo systemctl restart ssh