[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] sshd security tweaking
- Subject: Re: [cobalt-security] sshd security tweaking
- From: "David Garcia Watkins" <dgw@xxxxxxxxxx>
- Date: Wed, 3 Apr 2002 10:53:51 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi,
Lines in the config file are commented, because they are the default values
for each option. If you want to change a value, uncomment it, and change it.
Changing the port could fool some port scanners, not all. But its still a
good addition to your security measures.
Protocal actually spells Protocol, maybe this is your problem?
and, yes, its a good idea to disable SSH1.
David Garcia Watkins
dgw@xxxxxxxxxx
----- Original Message -----
> Since I, as server admin, am the only person needing shell access, I was
thinking of changing the port to which sshd listens to something more
obscure, rather than the default 22. Does this help?
>
> Would it be done in the /etc/ssh/sshd_config file? It seems that every
line in that file is commented out in the version of ssh I downloaded from
http://pkgmaster.com/.
>
> I have uncommented the line to stop direct root login myself. I also
uncommented the line listing just Protocal 2, but that caused an error when
I tried logging in. Should I still attempt to turn off acceptance of SSH1
as well?
>
> Is this all done in the same config file?
>
> Thanks for advice!
> Rod.
>
>
> --
>
> _______________________________________________
> Sign-up for your own FREE Personalized E-mail at Mail.com
> http://www.mail.com/?sr=signup
>
>
>