Displaying 20 results from an estimated 10000 matches similar to: "Error in SecuringSSH Iptables Description"
2017 Jun 06
1
PROPOSAL: addition to SecuringSSH HowTo
Hi,
I propose to add a Q and A to the FAQ section of the SecuringSSH HowTo<https://wiki.centos.org/HowTos/Network/SecuringSSH> documenting the business of setting setsebool -P use_nfs_home_dirs 1 to allow public key authentication between machines that share nfs home directories as per
https://www.centos.org/forums/viewtopic.php?t=49194
could I get editing rights to that page?
Thanks
2017 Jun 07
1
PROPOSAL: addition to SecuringSSH HowTo
Hi Alan,
Sorry - ID is BrianSmith.
I've read the contribution guidelines and previously contributed.
Yours,
Brian
On Wed, 7 Jun 2017, centos-docs-request at centos.org wrote:
>
> On 6 June 2017 at 12:43, Brian Smith <Brian.Smith at glasgow.ac.uk> wrote:
>> Hi,
>>
>> I propose to add a Q and A to the FAQ section of the SecuringSSH HowTo
>> documenting
2015 Feb 12
8
Securing SSH wiki article outdated
Hi, just a quick note to whoever is maintaining this page:
http://wiki.centos.org/HowTos/Network/SecuringSSH
The procedure is missing the firewall-cmd calls necessary in EL7:
firewall-cmd --add-port 2345/tcp
firewall-cmd --add-port 2345/tcp --permanent
Also, it may be worth mentioning that semanage is in the policycoreutils-python package, which isn?t installed by default in all stock
2015 Feb 12
8
Securing SSH wiki article outdated
Hi, just a quick note to whoever is maintaining this page:
http://wiki.centos.org/HowTos/Network/SecuringSSH
The procedure is missing the firewall-cmd calls necessary in EL7:
firewall-cmd --add-port 2345/tcp
firewall-cmd --add-port 2345/tcp --permanent
Also, it may be worth mentioning that semanage is in the policycoreutils-python package, which isn?t installed by default in all stock
2010 Oct 07
2
update HOWTO page for how to copy ssh pub keys
here:
http://wiki.centos.org/HowTos/Network/SecuringSSH
the recipe for how to copy your id_rsa.pub file to a remote system is
given as:
"Copy the public key (id_rsa.pub) to the server and install it to the
authorized_keys list:
$ cat id_rsa.pub >> ~/.ssh/authorized_keys"
i suspect it would be better if that were rewritten in terms of
using ssh-copy-id, just to be simpler and
2019 Apr 24
3
firewalld configuration for securing SSH
HI all,
1st time contributor here. I was using the guide on securing SSH, and
noticed that the firewall-cmd snippets for filtering by requests per
time seem somewhat outdated. From what I can tell the given snippets,
relay arguments directly down to iptables, and do not cover both IPv4
and v6. (and in fact when attempting to extend to v6 the firewall would
fail to reload). I came up with an
2014 Oct 02
3
Securing SSH --> Change ports
In there you are almost telling people that security through obscurity is a good way.
That might sometimes be true but in this case it could mean that you would be handing passwords and other data out.
When you start SSH on port 22 it is done with root privileges because the root user is the only one that can use ports below 1024. Root is the only user that can listen to that port or do
2019 Apr 26
2
firewalld configuration for securing SSH
Thank you, I've gone in and made the listed changes changed firewalld
sections to use services instead of just port numbers.
-- Kimee
On Wed, 2019-04-24 at 17:05 -0700, Akemi Yagi wrote:
> On Wed, Apr 24, 2019 at 12:13 AM Kimberlee Integer Model
> <kimee.i.model at gmail.com> wrote:
> >
> > HI all,
> >
> > 1st time contributor here. I was using the
2013 Mar 07
1
Fwd: mistake on Securing SSH
This was sent to me regarding the wiki.
---------- Forwarded message ----------
From: "Martin Kon??ek" <mkonicek12 at gmail.com>
Date: Mar 7, 2013 4:44 AM
Subject: mistake on Securing SSH
To: <timothy.ty.lee at gmail.com>
Cc:
Hi TImothy,
I saw wiki http://wiki.centos.org/HowTos/Network/SecuringSSH and it is
pretty good, but there is a mistake.
*Instead of having*
iptables
2010 Oct 07
1
a general suggestion for all of the doc pages
generalizing somewhat from my earlier note about the "securing SSH"
page:
http://wiki.centos.org/HowTos/Network/SecuringSSH
i don't know what level of intro a page like that should have but when
i've presented things like this to classes i've taught, or written
short online tutorials, the very first thing i document are the
packages involved.
in this case, the first
2017 Oct 30
1
Contrib Request, SSH FirewallD
Hello,
I would like permission to contribute information to the wiki...
Username: CaseyDoyle
To append an additional method for ssh blocking with firewallD:
Page:
https://wiki.centos.org/HowTos/Network/SecuringSSH#head-3579222198adaf43a3ecbdc438ebce74da40d8ec
Suggest to add the following info to it pertinent section:
------
6. Filter SSH at the Firewall
complementary to iptables method,
2007 Nov 24
1
Traduccion de Securing SSH
Hola lista he estado trabajando el la traducci?n de la pagina de la wiki
http://wiki.centos.org/HowTos/Network/SecuringSSH pues estuve hablando
con Alain Reguera y me dijo que pusiera las traducciones que hiciera
ac? para que lo revisaran, bueno no se como funciona bien esta lista
pero ah? les mando la traducci?n para que la revisen y me den sus
opiniones y despu?s me digan como hago para ponerla
2019 Apr 26
2
firewalld configuration for securing SSH
I'm not sure I follow, you just think the modified one should be called
"ssh-custom", or you think there shouldn't be a modified service file
at all?
-- Kimee
On Fri, 2019-04-26 at 19:46 +0200, Thibaut Perrin wrote:
> Hi there,
>
> Wouldn't that be a better solution to create a custom xml file to put
> in /etc/firewalld and load that "ssh-custom"
2019 Apr 30
2
firewalld configuration for securing SSH
Ah. I understand now. I was considering roughly the same, but wasn't
sure whether that or rich rules was preferable.
-- Kimee
On Sat, 2019-04-27 at 01:39 +0200, Thibaut Perrin wrote:
> No, I think the rules you created might have a better place in a
> custom xml file instead of being given to firewall cmd directly :)
>
> On Fri, 26 Apr 2019 at 23:01, Kimberlee Integer Model
2006 Nov 16
0
Re: IPTables Blocking Brute Forcers
Another good one is
http://denyhosts.sourceforge.net/
It runs as a daemon, and can either ban IP's addresses all together, or
just ban certain services.
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
Behalf Of Brian Marshall
Sent: Thursday, November 16, 2006 9:33 AM
To: CentOS mailing list
Subject: Re: [CentOS] Re: IPTables
2008 Dec 09
2
Replacing tabs with appropriate number of spaces
Colleagues,
Platform: OS X (but issue applies to all platforms)
Version: 2.8.0
I have a mixture of text and data that I am outputting via R to a pdf
document (using a fixed-width font). The text contains tabs that
align columns properly with a fixed-width font in a terminal window.
However, when the PDF document is created, the concept of a tab is not
invoked properly and columns do
2014 Oct 03
2
CentOS-docs Digest, Vol 95, Issue 2
On 10/03/2014 12:11 AM, centos-docs-request at centos.org wrote:
> Send CentOS-docs mailing list submissions to
> centos-docs at centos.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.centos.org/mailman/listinfo/centos-docs
> or, via email, send a message with subject or body 'help' to
> centos-docs-request at centos.org
>
>
2010 Nov 10
2
need to block user by IP address (tried denyhosts, xinetd, iptables etc)
Hi,
I am kind of restricted to using packaged versions of software due to
company policy, and we have f12 on our mail server with
dovecot-1.2.15-2.fc12.i686 package.
we have recently had some brute force attacks on the pop3 and imapd and
this results in many processes being used for login attempts.
Our dovecot is hosted on a Virtual Private Server which restricts access
to IPTABLEs and also
2009 Jul 20
5
SSH without password on CentOS 5 ?
Hi,
I'd like to use SSH without password so I can use it in scripts (for
example in combination with rsync to do backups). I have Carla
Schroder's "Linux Cookbook" and I'm trying out the various receipts, but
the one for SSH without a password doesn't work. The book is slightly
dated, and I wonder if SSH included in CentOS works differently.
Any suggestions?
Niki
2011 Apr 05
2
Iptables configuration to handle brute, force registrations?
fail2ban might be good for this.
On 04/05/2011 01:00 PM, asterisk-users-request at lists.digium.com wrote:
>
> Date: Tue, 5 Apr 2011 08:44:41 -0700 (PDT)
> From: Steve Edwards<asterisk.org at sedwards.com>
> Subject: Re: [asterisk-users] Iptables configuration to handle brute
> force registrations?
>
> On Tue, 5 Apr 2011, Gilles wrote:
>
>> I'm no expert