On 19Jun2008 21:16, Kevin J. Cummings <cummings@xxxxxxxxxxxxxxxxxx> wrote: > Aldo Foot wrote: >> On Thu, Jun 19, 2008 at 2:01 PM, <jeff@xxxxxxxxxx> wrote: >>> I'm trying to make my system a little more secure but still allow it to be >>> accessed remotely from the internet using ssh and I'm looking for some >>> guidance. The systems in question are a Fedora 9 and a Fedora Core 6 system. >>> >>> The first thing I did was on my workstation (that I ssh from) is create a >>> public/private key pair and installed the public key in >>> ~/.ssh/authorized_keys2, and disabled the password authentication in the >>> /etc/ssh/sshd_config and everything so far works great. >> >> I believe the file with the keys is '~/.ssh/authorized_keys', without the '2'. >> as specified in the sshd_config. >> AuthorizedKeysFile .ssh/authorized_keys > > I only use the ssh 2 protocol. As such, I have/use authorized_keys2. > The version without the "2" is for ssh 1 protocol, and its used should > be deprecated as its not as secure as ssh 2. Actually a modern ssh will get ssh2 keys from authorized_keys. To lock it down you should specify "Protocol 2" in the sshd_config file, thus forbidding ssh1 in the sshd config, and not by luck with the key file. -- Cameron Simpson <cs@xxxxxxxxxx> DoD#743 http://www.cskk.ezoshosting.com/cs/ -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
