[clue-tech] Protecting against the ssh hack
Jack Parker
jack.parker4 at verizon.net
Mon Sep 25 21:08:01 MDT 2006
Hmmm, I should really take a closer look at that man page.
Thank you all for steering.
j.
-----Original Message-----
From: clue-tech-bounces at cluedenver.org
[mailto:clue-tech-bounces at cluedenver.org]On Behalf Of Ken MacFerrin
Sent: Monday, September 25, 2006 10:47 PM
To: CLUE tech
Subject: Re: [clue-tech] Protecting against the ssh hack
Jack Parker wrote:
> Way cool. Works perfectly. Console can login as root, ssh cannot. I
like
> that it acts as though it's just a bad passwd.
>
> j.
>
> -----Original Message-----
> From: clue-tech-bounces at cluedenver.org
> [mailto:clue-tech-bounces at cluedenver.org]On Behalf Of adam bultman
> Sent: Monday, September 25, 2006 10:09 PM
> To: CLUE tech
> Subject: Re: [clue-tech] Protecting against the ssh hack
>
> Restricting root login can be done in 'sshd_config', which should be
> somewhere around /etc/ssh/ . Change PermitRootLogin or whatever to
> 'No', and restart sshd.
>
>
For a machine with a limited number of users, I prefer to take this a
step further and "whitelist" only the specific users that I want to
allow SSH access:
# /etc/ssh/sshd_config
PermitRootLogin no
AllowUsers user1 user2 user3
-Ken
_______________________________________________
clue-tech mailing list
clue-tech at cluedenver.org
http://www.cluedenver.org/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list