Re: Questions concerning Security Log

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Thu, 2005-04-07 at 08:49 +0100, Paul Howarth wrote:
> Suggestions:
> 1. Disable root logins in ssh (you can still log in as a regular user
> and use "su") by putting "PermitRootLogin no" in /etc/ssh/sshd_config.
> 2. Make sure you use strong passwords for *all* accounts.
> 3. Consider turning off password authentication altogether and using
> certificates instead.

I have two additions to Paul's excellent list:

First is to create a group for remote users and only make those accounts
that need ssh access members of the group. Then
edit /etc/ssh/sshd_config and add:

	AllowGroups <remote-group>

replacing <remote-group> with your new group name.

Second, while you're in /etc/ssh/sshd_config look for the line

	#Protocol 2,1

and replace with

	Protocol 2

to remove an older, less secure option that you shouldn't need. Restart

Brian Gaynor
FC3/Linux on DELL Inspiron 5160 3.0Ghz 
canis 11:06:28 up 2:36, 2 users, 
load average: 0.18, 0.08, 0.01 

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux