Displaying 20 results from an estimated 50000 matches similar to: "Running SSH on a different port"
2014 Oct 02
3
Securing SSH --> Change ports
In there you are almost telling people that security through obscurity is a good way.
That might sometimes be true but in this case it could mean that you would be handing passwords and other data out.
When you start SSH on port 22 it is done with root privileges because the root user is the only one that can use ports below 1024. Root is the only user that can listen to that port or do
2013 Apr 04
1
Using "root" Type User Via Forwarding-SSH-Tunnel Inside Non-Root SSH Connection
Hi,
QUESTION:
what implications are there when using the "root" or a root type of
account via a port-forwarding ssh-tunnel inside (or on top of)
another non-root type of user's ssh-tunnel ?
Is such double layer of encryption brings more security or system
still vulnerable same as single layer of SSH encryption ?
DETAILS:
In CentOS (6.3 & 6.4) server side i have done these:
(1)
2019 Apr 24
3
firewalld configuration for securing SSH
HI all,
1st time contributor here. I was using the guide on securing SSH, and
noticed that the firewall-cmd snippets for filtering by requests per
time seem somewhat outdated. From what I can tell the given snippets,
relay arguments directly down to iptables, and do not cover both IPv4
and v6. (and in fact when attempting to extend to v6 the firewall would
fail to reload). I came up with an
2010 Oct 07
2
update HOWTO page for how to copy ssh pub keys
here:
http://wiki.centos.org/HowTos/Network/SecuringSSH
the recipe for how to copy your id_rsa.pub file to a remote system is
given as:
"Copy the public key (id_rsa.pub) to the server and install it to the
authorized_keys list:
$ cat id_rsa.pub >> ~/.ssh/authorized_keys"
i suspect it would be better if that were rewritten in terms of
using ssh-copy-id, just to be simpler and
2015 Feb 12
8
Securing SSH wiki article outdated
Hi, just a quick note to whoever is maintaining this page:
http://wiki.centos.org/HowTos/Network/SecuringSSH
The procedure is missing the firewall-cmd calls necessary in EL7:
firewall-cmd --add-port 2345/tcp
firewall-cmd --add-port 2345/tcp --permanent
Also, it may be worth mentioning that semanage is in the policycoreutils-python package, which isn?t installed by default in all stock
2015 Feb 12
8
Securing SSH wiki article outdated
Hi, just a quick note to whoever is maintaining this page:
http://wiki.centos.org/HowTos/Network/SecuringSSH
The procedure is missing the firewall-cmd calls necessary in EL7:
firewall-cmd --add-port 2345/tcp
firewall-cmd --add-port 2345/tcp --permanent
Also, it may be worth mentioning that semanage is in the policycoreutils-python package, which isn?t installed by default in all stock
2009 Apr 09
4
if ssh port is not port 22
If Port is set to 422 in /etc/ssh/ssh_config, ssh client still tries to use
port 22. ssh -p 422 localhost does work however becasue Port is set to 422
in sshd_config
geronimo:/data/openssh-5.2p1 # ssh -vvv localhost
OpenSSH_5.2p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc//ssh_config
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 0
debug1: Connecting
2017 Apr 21
2
Include for sshd_config
On Thu, Apr 20, 2017 at 11:00 AM, Scott Neugroschl <scott_n at xypro.com> wrote:
>
> On Wed, Apr 19, 2017 at 1:02 PM, navern <livingdeadzerg at yandex.ru> wrote:
>
>> Is there any available tool with this for pre-evaluating the resulting sshd_config for fatal errors? I'm not demanding: I'm thinking "that could be really, really useful".
>
>
2001 Jan 05
3
subject: ssh non-intuitive logging setting. (priority names)
subject: ssh non-intuitive logging setting (priority names).
I installed openssh 2.3.0p1 on Solaris 7 for x86 box and
sshd worked fine.
However, somehow the logging of connection and disconnection to
sshd was not recorded as I wished.
Time to investigate.
On a host where sshd from data-fellows once ran,
the log was recorded with auth.info level.
After trying to modify sshd_config, I found
that
2019 Apr 26
2
firewalld configuration for securing SSH
Thank you, I've gone in and made the listed changes changed firewalld
sections to use services instead of just port numbers.
-- Kimee
On Wed, 2019-04-24 at 17:05 -0700, Akemi Yagi wrote:
> On Wed, Apr 24, 2019 at 12:13 AM Kimberlee Integer Model
> <kimee.i.model at gmail.com> wrote:
> >
> > HI all,
> >
> > 1st time contributor here. I was using the
2012 May 14
14
[Bug 2008] New: IPV6 Bind to port 22 failed
https://bugzilla.mindrot.org/show_bug.cgi?id=2008
Bug #: 2008
Summary: IPV6 Bind to port 22 failed
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: critical
Priority: P2
Component: sshd
AssignedTo:
2009 Jul 20
5
SSH without password on CentOS 5 ?
Hi,
I'd like to use SSH without password so I can use it in scripts (for
example in combination with rsync to do backups). I have Carla
Schroder's "Linux Cookbook" and I'm trying out the various receipts, but
the one for SSH without a password doesn't work. The book is slightly
dated, and I wonder if SSH included in CentOS works differently.
Any suggestions?
Niki
2010 Jul 01
2
ssh server hangs the port even if client machine shuts down
Hi,
I have the following problem with ssh, hope someone can help me with it:
I have 2 processes of ssh server on same Linux machine. One of them is
the normal ssh configuration for Linux, the other one starts with a
custom configuration on another port.
>From the client i do a remote port forwarding to the custom ssh
server: ssh -R 1037:localhost:55555.
After this command on ssh server
2013 Mar 07
1
Fwd: mistake on Securing SSH
This was sent to me regarding the wiki.
---------- Forwarded message ----------
From: "Martin Kon??ek" <mkonicek12 at gmail.com>
Date: Mar 7, 2013 4:44 AM
Subject: mistake on Securing SSH
To: <timothy.ty.lee at gmail.com>
Cc:
Hi TImothy,
I saw wiki http://wiki.centos.org/HowTos/Network/SecuringSSH and it is
pretty good, but there is a mistake.
*Instead of having*
iptables
2019 Jun 20
2
Dovecot and Solr on the same server or on different
Hi.
what would you suggest? What are the pros and cons for having dovecot and Solr on the same or different hots?
I have about 800 accounts, some millions of mails and about 2 TB of zipped mails.
From the recent experiences regarding maintenance I?d prefer different hosts for each.
Thanks for suggestions and feedback . G?tz
-------------- next part --------------
A non-text attachment was
2019 Apr 26
2
firewalld configuration for securing SSH
I'm not sure I follow, you just think the modified one should be called
"ssh-custom", or you think there shouldn't be a modified service file
at all?
-- Kimee
On Fri, 2019-04-26 at 19:46 +0200, Thibaut Perrin wrote:
> Hi there,
>
> Wouldn't that be a better solution to create a custom xml file to put
> in /etc/firewalld and load that "ssh-custom"
2017 Oct 30
1
Contrib Request, SSH FirewallD
Hello,
I would like permission to contribute information to the wiki...
Username: CaseyDoyle
To append an additional method for ssh blocking with firewallD:
Page:
https://wiki.centos.org/HowTos/Network/SecuringSSH#head-3579222198adaf43a3ecbdc438ebce74da40d8ec
Suggest to add the following info to it pertinent section:
------
6. Filter SSH at the Firewall
complementary to iptables method,
2008 Dec 09
8
pop3 attack
I was looking at my maillog and it looks like someone is trying to get
into my pop3 server.
Dec 9 15:28:54 mailserver dovecot: pop3-login: Aborted login: user=<alexis>, method=PLAIN, rip=::ffff:66.167.184.203, lip=::ffff:192.168.1.2
Dec 9 15:29:08 mailserver dovecot: pop3-login: Aborted login: user=<alfonso>, method=PLAIN, rip=::ffff:66.167.184.203, lip=::ffff:192.168.1.2
Dec 9
2007 Nov 24
1
Traduccion de Securing SSH
Hola lista he estado trabajando el la traducci?n de la pagina de la wiki
http://wiki.centos.org/HowTos/Network/SecuringSSH pues estuve hablando
con Alain Reguera y me dijo que pusiera las traducciones que hiciera
ac? para que lo revisaran, bueno no se como funciona bien esta lista
pero ah? les mando la traducci?n para que la revisen y me den sus
opiniones y despu?s me digan como hago para ponerla
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in