Hi! This is not Ubuntu, but ClearOS. I run ClearOS as a gateway server and I have a few questions about security that I hope that I can get help with.
1. I have changed the default SSH port for security reasons (I know that a port scan will show the SSH port, but it's always something.) Now I want to enable SSH as root ONLY on my local LAN and not from the internet. How would I do that?
2. I have another user for myself, ericus, that I run screen + irssi from, and also connect via SSH (SFTP) to add and copy files. But, that user is allowed to become superuser via su -i. How do I disable that?
3. On my normal user, ericus, how do I root that user to /home/ericus? I don't want that user to browse outside of it's home-folder. How do I chroot that user (and disable su as in question number 2)?
This is the things I'd like to fix before enabling SSH on the external network.
Any help would be greatly appreciated. Please do explain as easily as possible since I am a pretty novive user.
Best regards, and thanks in advance,