I'd like to hear some opinions on implementing a SSH jump box as I am currently documenting on this. I am searching for a very lightweight linux OS through which I can access my internal network. Only this server will have port 22 unfirewalled so I can login from everywhere I am.
SSH box
/ | \
server1 - server2 - server3
Now from the security perspective, how should one proceed to keep this host uncompromised? I was thinking to automatically reinstall the OS every x hours, but this might be a pain to set up – if even possible.
Best Answer
I use jump boxes all the time, the easiest option is is a virtual machine in my opinion. It's such a medial task there is no need for a dedicated machine (unless you have hundreads of remote technicians?). Have a VM that runs SSH and PPTPD or OpenVPN.
As you say, only allow SSH for example in via itpables then use all your usual SSH best practices to keep it safe; don't allow root access, use only non-dictionary passwords or keys, if you come from static IPs outside, only allows those in, use fail2ban or iptables rules to ban IPs for 15 minutes that get 5 incorrect logins, blah blah blah (there is plenty of info on hardening SSH out there).
I don't think there is a need to re-install the OS every X hours. This is security through obscurity. If the machine is "broken into", how will you know if you just roll it back again a few hours later? Also, the security flaw exploited will still be there, so it will be re-exploited. Many people around the world have sshd open to the public on servers, that seems like an unnecessary step to me. Perhaps move it to a different port, this will remove all the automated attacks which just fill up your logs and frankly, annoy me, but obviously any determined human not machine, will find the alternate port in a jiffy (again this is more security through obscurity, I just do it so I don't have such massive logs).