[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] sshd security tweaking

Subject: [cobalt-security] sshd security tweaking
From: "Rodrego Alverez" <rodalverez@xxxxxxxx>
Date: Wed, 03 Apr 2002 02:12:05 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

We seems to be among the many whose Cobalt RaQ4 has been hacked through the SSH exploit. 
After a complete re-installation, we have secured the box a bit better this time (self-issued certificate for Cobalt admin interface, upgrade to OpenSSH 3.1 and such). 

Since I, as server admin, am the only person needing shell access, I was thinking of changing the port to which sshd listens to something more obscure, rather than the default 22. Does this help? 

Would it be done in the /etc/ssh/sshd_config file? It seems that every line in that file is commented out in the version of ssh I downloaded from http://pkgmaster.com/. 

I have uncommented the line to stop direct root login myself.  I also uncommented the line listing just Protocal 2, but that caused an error when I tried logging in.  Should I still attempt to turn off acceptance of SSH1 as well? 

Is this all done in the same config file? 

Thanks for advice! 
Rod. 


-- 

_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Follow-Ups:
- Re: [cobalt-security] sshd security tweaking
  - From: David Garcia Watkins
- Re: [cobalt-security] sshd security tweaking
  - From: Kevin D

Prev by Date: Re: [cobalt-security] gmon.out a security issue?
Next by Date: Re: [cobalt-security] sshd security tweaking
Previous by thread: [cobalt-security] Blocking Emails
Next by thread: Re: [cobalt-security] sshd security tweaking

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index