Mike wrote:
Sorry, I am a bit lost here. From what I can tell, there is a vulnerability with SSH1. It is not advised. The problem I have is that I need certian applications that use sftp such as dreamweaver do not support ssh2. And thus far I have been relying on ftp which I would think is 'less secure' than a vulnerability with SSH1. Am I wrong? I have been trying to wait the stink eye contest out with macromedia but as far as I can tell..... This is never going to happen on their end. So I try to generate a key ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key then edit /etc/ssh/sshd_config Protocol 2,1 try to restart ssh and I get; Disabling protocol version 1. Could not load host key Restarting OpenBSD Secure Shell server: sshdDisabling protocol version 1. Could not load host key Can somebody point me in the right direction? Also, would the SSH1 vulnerability be cut down if I only allow 1 non-root user SSH access via AllowedUsers?
Did you add this? HostKey /etc/ssh/ssh_host_key to /etc/ssh/sshd_config? Incidentally, you can tunnel your connection through regular SSH2. ssh -f -N -L 22:localhost:22 user@remote Then if you tell your app that the ssh server is localhost, your traffic will be in an SSH2 tunnel. You could do the same for regular FTP through a tunnel. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr
Attachment:
signature.asc
Description: OpenPGP digital signature