Professional Web Applications Themes

Enabling ssh service - Linux Setup, Configuration & Administration

At present, my machine does not allow ssh connections. When I try to ssh localhost, I get: inner-sanctum:~/bin{jonathan}% ssh localhost ssh_exchange_identification: Connection closed by remote host inner-sanctum:~/bin{jonathan}% I have a firewall and PortSentry, which may need to be taken into account in making ssh available. What setup steps are needed to get ssh enabled without opening unnecessary security holes? ++ Jonathan Hayward, com ** To see an award-winning website with stories, essays, artwork, ** games, and a four-dimensional maze, why not visit my home page? ** All of this is waiting for you at http://JonathansCorner.com...

  1. #1

    Default Enabling ssh service

    At present, my machine does not allow ssh connections. When I try to
    ssh localhost, I get:

    inner-sanctum:~/bin{jonathan}% ssh localhost
    ssh_exchange_identification: Connection closed by remote host
    inner-sanctum:~/bin{jonathan}%

    I have a firewall and PortSentry, which may need to be taken into
    account in making ssh available. What setup steps are needed to get
    ssh enabled without opening unnecessary security holes?

    ++ Jonathan Hayward, com
    ** To see an award-winning website with stories, essays, artwork,
    ** games, and a four-dimensional maze, why not visit my home page?
    ** All of this is waiting for you at http://JonathansCorner.com
    Jonathan Guest

  2. #2

    Default Re: Enabling ssh service

    Jonathan Hayward <com> wrote: 

    What "security hole" would you "open"?

    If you don't want a service, don't run one! Simple as that.

    And as a corollary, if you do want one, then run it. Ssh in particular.
    (hint).

    No firewall.

    Peter
    P.T. Guest

  3. #3

    Default Re: Enabling ssh service

    Hello

    Jonathan Hayward (<com>) wrote:
     

    Check if ssh is allowd in hosts.allow or hosts.deny. Read the man page
    for those files: man hosts_access

    Check is sshd is running and is configured to the right interfaces (use
    netstat -l on the server).

    If you need a firewall on the server, allow port 22 for new connections,
    not only for established and related connections.
     

    Make sure sshd only works on those network interfaces you want it.

    Decide if maybe instead of using password authentication you could
    disable it and use public key authentication (with password protected
    private keys).

    Disable root login.

    Enable login only for selected users.

    best regards
    Andreas Janssen

    --
    Andreas Janssen
    com
    PGP-Key-ID: 0xDC801674
    Registered Linux User #267976
    Andreas Guest

Similar Threads

  1. enabling verity
    By deancarrera in forum Coldfusion Server Administration
    Replies: 7
    Last Post: May 17th, 04:12 PM
  2. Enabling Firewall
    By Roger in forum Windows Setup, Administration & Security
    Replies: 2
    Last Post: August 15th, 04:05 AM
  3. enabling DUN
    By Ken Wickes [MSFT] in forum Windows Networking
    Replies: 5
    Last Post: July 9th, 07:37 PM
  4. Enabling ssl on web?
    By Miranda, Joel Louie M in forum Debian
    Replies: 3
    Last Post: July 3rd, 08:40 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139