Results 31 to 33 of 33
Sounds like you've got things under control. The verbose logging on sshd is not really necessary - that will give a lot of under-the-covers information during each exchange that you ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 11-07-2006 #31
Using tcp_wrappers, you may see /var/log/secure (or wherever, depending on distro) messages that read something like: sshd: refused connect from : some.ip.here
That is no problem. That's tcp_wrappers shutting them out. They don't even get to try to authenticate.
I would just double-check and make sure you have turned off all other forms of authentication in /etc/ssh/sshd_config except for pubkey (sounds like you already have).
You have a couple layers of security here, and you've plugged up some notable problems. So you should be in good shape.
- 11-07-2006 #32
- Join Date
- Aug 2005
could you recommend me a good reading source?
I would like to do what you did in order to allow | remote Win PC -> Internet -> DSL Modem -> Router -> SuSE Linux file server to make it possible to work with documents/data files remotely.
Do you know of a guided walktrough out there that is like a 'standard' work?
Thanks a lot in advance,
- 11-07-2006 #33
Thanks for all your help guys. You were all very patient with me and my long list of questions, and I really appreciate it.
Marinus: It turns out it's really easy to set up an ssh server at home -- all you need to do is make sure that the sshd daemon is running. The difficult part is configuring it to be secure!!!
I don't know of any standard works on ssh. I learnt by chatting to friends, using google to try to understand any new terms people used, and asking questions on forums like this.
I would recommend starting with the man pages for ssh, sshd, sshd_config, etc., and then googling on any terms that you don't understand. Try to build up a good picture of what ssh is and how it works, and try to be clear in your own head about exactly what you want it to be able to do. This will allow you to understand how certain configurations are less secure than others, and how you can add additional levels of security without compromising its usefulness.
In other words, I was able to get all the information I needed using man pages, google, and this forum, but only once I had a clear idea of what I wanted to set up.
Good Luck!!Registered Linux user #388328 || Registered LFS user #15880
AMD 64 X2 4600+ :: 2X1GB DDR2 800 :: GeForce 9400 GT 512MB :: ASUS M2N32 Deluxe :: 4X250GB SATAII
Need instant help? Try us on IRC -- #linuxforums on freenode