I need to manage several servers remotely via SSH, I'm interested in ways to secure the connection and prevent unauthorised access. My thoughts: Limit access to only allow remote connections from our management network via iptables rules. Works but what if our ISP changes our fixed IP, which means we are effectively locked out from all the servers and requires a site visit to update the rules. We also need to provide access to engineers working from home using dialup, etc Some sort of client certificates to supplement username and password, Recommendations on securing the SSH daemon etc Any ideas and tips appreciated Cheers, Roland
