[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh?



On 19Jun2008 21:16, Kevin J. Cummings <cummings kjchome homeip net> wrote:
> Aldo Foot wrote:
>> On Thu, Jun 19, 2008 at 2:01 PM,  <jeff bubble org> wrote:
>>> I'm trying to make my system a little more secure but still allow it to be
>>> accessed remotely from the internet using ssh and I'm looking for some
>>> guidance.  The systems in question are a Fedora 9 and a Fedora Core 6 system.
>>>
>>> The first thing I did was on my workstation (that I ssh from) is create a
>>> public/private key pair and installed the public key in
>>> ~/.ssh/authorized_keys2, and disabled the password authentication in the
>>> /etc/ssh/sshd_config and everything so far works great.
>>
>> I believe the file with the keys is '~/.ssh/authorized_keys', without the '2'.
>> as specified in the sshd_config.
>> AuthorizedKeysFile      .ssh/authorized_keys
>
> I only use the ssh 2 protocol.  As such, I have/use authorized_keys2.  
> The version without the "2" is for ssh 1 protocol, and its used should  
> be deprecated as its not as secure as ssh 2.

Actually a modern ssh will get ssh2 keys from authorized_keys.
To lock it down you should specify "Protocol 2" in the sshd_config file,
thus forbidding ssh1 in the sshd config, and not by luck with the key file.
-- 
Cameron Simpson <cs zip com au> DoD#743
http://www.cskk.ezoshosting.com/cs/


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]