Can I just add these two things.... Be sure and comment out Telnet in either
inetd.conf or in xinetd.d .... you'd be suprised how many boxes with ssh installed
still have telnet running. Second comment out the services for telnet in
/etc/services. In fact commnet out everything you don't use want or know in this
section. (if something complains about a port it's easier to open it up than it is to
repair after a hack job.)
James
just my two cent..... and we all know what two cents will get you these days.
On Sat, 13 Jan 2001 17:55:47 -0500
Mark Weaver <[EMAIL PROTECTED]> wrote:
> Thanks everyone for the info. I've got ssh running on both my workstation and
> home PC and can connect securely now and that makes me feel a bit better then
> having everything on an open channel.
>
> thanks
> --
> Mark
>
> "If you don't share your concepts and ideals, they end up being worthless,"
> "Sharing is what makes them powerful."
>
> Linus Torvalds
>
> On Thursday 11 January 2001 01:13 am, you wrote:
> > Homepage: http://www.openssh.com/
> >
> > In short, ssh works similar to telnet. The difference is that with
> > telnet, you feed the login name at a prompt. With ssh, you give the
> > login name on the command line. (ssh user@host) ie:
> >
> > [EMAIL PROTECTED]
> >
> > If you omit the username (ssh deathstar.empire.com) ssh uses the
> > username of your current local login.
> >
> > The big difference between telnet and ssh is that communications
> > using ssh travel over an encrypted tunnel whereas communications
> > with telnet are transmitted in the clear (plaintext). To be able
> > to ssh into a machine, it needs to be running sshd. Most
> > configurations run sshd as a standalone daemon and not in inetd (or
> > xinetd) but you can choose that alternative if you feel so inclined.
> > If you use the Mandrake RPMs (they come stock with 7.2 and are
> > available as a download durring install for 7.0 and 7.0), sshd will
> > be setup for you. Using drakxservices, simply select sshd as one of
> > the services to start on boot. Alternatively, you can get generic
> > RPMs from the URL above.They too should show as an option in
> > drakxservices. You can, of course, manually start and stop the
> > service by:
> >
> > /etc/rc.d/init.d/ssh start
> > /etc/rc.d/init.d/ssh stop
> >
> > The first time you ssh into a host, you will be asked to accept a
> > key, choose yes and that computer will have an ID in your
> > ~/.ssh/known_hosts file. Should that key ever change, you will be
> > notified and should contact the remote machine's administrator to
> > see if the key should have changed. If you are told it shouldn't
> > have changed, then you have indication of a security issue such as
> > a "man-in-the-middle attack". Possible legitimate reasons for key
> > change include the remote adminstrator deciding to change keys, a
> > re-install of sshd, and a re-install of the remote server. This
> > is not an all inclusive list.
> >
> > ssh also provides some other benefits including automatic X
> > forwarding (ssh -X) where you can ssh to a remote machine, start
> > an X program and have it display on your local machine with no
> > pre-configuration on your part. The transmission of the remote
> > program will also take place over your encrypted ssh tunnel.
> > Finally (of the quick overview), there is scp (secure copy) that
> > allows you to transfer (encrypted tunnel) files between ssh capable
> > hosts. 'man scp' for the gory details. Other sources of
> > information include the man pages for ssh and sshd.
> >
> > Good luck and enjoy,
> >
> > Woody
>
>
>
