Re: sshd port config and security

On Fri, Apr 06, 2001 at 10:31:27AM -0500, Vinh Truong wrote:
> I have sshd set up on my machine at home.  Instead of the default port
> 22, I uninstalled telnetd and run sshd on 23.  I do this mostly because
> I want to ssh into my machine from work where they don't open port 22 on
> the firewall.  They do however allow telnet to the outside.  I have

Sounds like you need to talk to your firewall administrator. If you trust
him, that is...  How can you be sure that he's not snooping on the passing
telnet traffic?

Perhaps running telnet-ssl might be an idea; but ssh is just so much
better anyway...

> commented out everything in inetd.conf, set up hosts.allow / hosts.deny 
> so that only specific IPs can connect.  I made sure using netstat -an
> that only port 23 was open.  I set up my hardware firewall to block all
> requests except for ones coming on 23.  For those, it is redirecting to
> my Debian machine.  I configured sshd to allow only RSA key
> authentication and disabled root login.  I also increased the host key
> size to 1024.

Perhaps "PasswordAuthentication no" on sshd?

Karl E. Jørgensen
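
An added example, not part of the original message: a small audit of the global section of an sshd_config for the settings discussed in this thread (listening port, password authentication, root login). The function names and the sample configurations are constructed for illustration; the keyword names are OpenSSH's.

```python
import re

MULTI = {"port"}  # keywords that may repeat; sshd accumulates their values

def parse_global(text):
    """Return {keyword: [values]} for the global part of an sshd_config."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        m = re.match(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)$", line)
        if not m:
            continue
        key = m.group(1).lower()          # keywords are case-insensitive
        if key == "match":                # conditional blocks are out of scope
            break
        value = m.group(2).strip().strip('"')
        if key in MULTI:
            settings.setdefault(key, []).append(value)
        elif key not in settings:         # first obtained value wins
            settings[key] = [value]
    return settings

def audit(text):
    """Return (ports, findings). Unset keywords are flagged, not assumed safe."""
    s = parse_global(text)
    findings = []
    if s.get("passwordauthentication") != ["no"]:
        findings.append("PasswordAuthentication is not explicitly 'no'")
    if s.get("permitrootlogin") != ["no"]:
        findings.append("PermitRootLogin is not explicitly 'no'")
    return s.get("port", ["22"]), findings   # 22 is sshd's default port

# Constructed sample: hardened as described in the thread, sshd on port 23.
GOOD = "Port 23\nPasswordAuthentication no\nPermitRootLogin no\nPermitRootLogin yes\n"

# Constructed sample: a misspelled keyword never sets the real option, an
# early 'yes' beats a later 'no', and a Match block is not a global setting.
BAD = ("Port = 23\nPasswordAuthentification no\n"
       "PermitRootLogin yes\nPermitRootLogin no\n"
       "Match Address 192.0.2.0/24\n    PasswordAuthentication no\n")

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit(cfg))
```

On a live system, `sshd -T` prints the effective configuration and is the authoritative check; this sketch only reads the file text.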
