ssh?
Cameron Simpson
cs at zip.com.au
Fri Jun 20 02:04:36 UTC 2008
On 19Jun2008 21:16, Kevin J. Cummings <cummings at kjchome.homeip.net> wrote:
> Aldo Foot wrote:
>> On Thu, Jun 19, 2008 at 2:01 PM, <jeff at bubble.org> wrote:
>>> I'm trying to make my system a little more secure but still allow it to be
>>> accessed remotely from the internet using ssh and I'm looking for some
>>> guidance. The systems in question are a Fedora 9 and a Fedora Core 6 system.
>>>
>>> The first thing I did was on my workstation (that I ssh from) is create a
>>> public/private key pair and installed the public key in
>>> ~/.ssh/authorized_keys2, and disabled the password authentication in the
>>> /etc/ssh/sshd_config and everything so far works great.
>>
>> I believe the file with the keys is '~/.ssh/authorized_keys', without the '2'.
>> as specified in the sshd_config.
>> AuthorizedKeysFile .ssh/authorized_keys
>
> I only use the ssh 2 protocol. As such, I have/use authorized_keys2.
> The version without the "2" is for ssh 1 protocol, and its used should
> be deprecated as its not as secure as ssh 2.
Actually a modern ssh will get ssh2 keys from authorized_keys.
To lock it down you should specify "Protocol 2" in the sshd_config file,
thus forbidding ssh1 in the sshd config, and not by luck with the key file.
--
Cameron Simpson <cs at zip.com.au> DoD#743
http://www.cskk.ezoshosting.com/cs/
More information about the fedora-list
mailing list