Hi, I'm trying to configure SSH on a server.
I changed these lines in the server's /etc/ssh/sshd_config: PermitRootLogin no AuthorizedKeysFile %h/.ssh/authrized_keys (authorized_keys is the same as id_rsa.pub on my machine.) I connect to the server with this command: ssh -i ~/.ssh/id_rsa <server's ip> But it outputs the fingerprint of the server's HostKey (which is located at /etc/ssh/ssh_host_rsa_key), not the AuthorizedKeysFile fingerprint. What should I do to make it work? Will it be enough to comment the HostKey lines in /etc/ssh/sshd_config? Is it safe? What else should be done to restrict unauthorized access? This guide [1] recommends to change ListenAddress to 192.168.0.1 and Port to 666. (I want to use another port (and another address). Does it matter? 666 is used by Doom. [2]) Will it work "out of the box" if I change these? Is there a need for a system level tweaking (firewall etc.)? I'm new to networking. Could you explain what does "Port" and "Listen" mean in this case? (Yes, I've read some papers about ports, but I want to understand this concept completely.) How to use SSH with a non-standard port? Will it be something like this: ssh -i ~/.ssh/id_rsa <server's ip>:<new port number>? Is there a need for a username@ prefix before the server's ip (I changed PermitRootLogin to no)? [1] http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html [2] https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers Cheers _______________________________________________ gNewSense-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/gnewsense-users
