[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] SSH Confusion..._

> -----Original Message-----
> From: Gerald Waugh [mailto:gerald@xxxxxxxxx]
> Sent: Wednesday, March 28, 2001 7:12 PM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-users] SSH Confusion...
> 
> MORE:
> added these lines to /etc/rc.d/rc.local
> #sshd
> /etc/rc.d/init.d/sshd start
> 
> vi /etc/ssh/sshd_config
> line 9 was
> #Protocol 2,1
> is
> Protocol 2    # to disallow ssh1
> Gerald
> 


And now for the proper way boys and girls ;^)

Create /etc/rc.d/init.d/sshd (adjust the path to sshd on 
your machine if necessary)

#!/bin/sh

case "$1" in
'start')
        if [ -x /usr/local/sbin/sshd -a -f /etc/sshd_config ]; then 
                echo "Starting the SSH daemon..."
                /usr/local/sbin/sshd
        fi
        ;;
'stop')
        /usr/bin/killall sshd
                echo "Stopping the SSH daemon..."
        ;;
*)
        echo "Usage: /etc/init.d/sshd { start | stop }"
        ;;

esac
exit 0

Then cd /etc/init.d/rc.d/rc2.d, then 

ln -s /etc/rc.d/init.d/sshd S75sshd 

Here is my /etc/sshd_config

Port 22
ListenAddress 0.0.0.0
PidFile /etc/sshd.pid
Protocol 2,1
SyslogFacility AUTH
LogLevel INFO
HostKey /etc/ssh_host_key
HostKey /etc/ssh_host_dsa_key
KeyRegenerationInterval 900
ServerKeyBits 1024
CheckMail no
KeepAlive no
PrintMotd no
PermitRootLogin no 
IgnoreRhosts no
X11Forwarding no
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
UseLogin no
StrictModes yes
LoginGraceTime 180

There is no need to disable version 1 protocol as the code for SSH1 
was patched in the version 2 release.


Good luck and take care.

Brandon Wheaton
UNIX Systems Engineer 
ValiCert, Inc.
1215 Terra Bella Ave. 
Mountain View, CA 94043 
Phone: 650.280.UNIX 
PGP Key ID: 0x2CA21758

----
Sure UNIX is user friendly; it's just picky about who its friends are.