Find the answer to your Linux question:
Results 1 to 2 of 2
I'm a complete noob when it comes to ssh-security so this may not be a problem at all. But if it is, I would appreciate any advice in how to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2010
    Posts
    1

    Possible ssh problem


    I'm a complete noob when it comes to ssh-security so this may not be a problem at all. But if it is, I would appreciate any advice in how to secure my server better.

    First off, it's an Ubuntu 10.04 LTS server. Which may or may not make a difference compared to say a RedHat or Suse server. Sshd is, at any rate, OpenSSH 5.3p1.

    I've configured sshd to only allow one specific user to connect to the machine using ssh. So far, the user is configured to use username + password to authenticate but I've been thinking of changing that to only allow public/private key authentication instead.

    So far so good. The one potential problem I've noticed is that using:

    nmap -sV -A -o --osscan-guess hostname

    one can discover the ssh-hostkey. How much of a problem is that? Or put in other words: how worried should I be?

  2. #2
    Linux Guru
    Join Date
    Nov 2007
    Posts
    1,759
    Google: how does ssh work


    At this point the client sends the server a Diffie-Hellman GEX Init request that includes the initial challenge message of the key exchange, along with a specification of the type of key exchange that will be used.

    The client then listens for the serverís response, which will include the serverís public key and a challenge value that has been signed by the serverís private key, which is supposed to provide a validation that the packet could only have come from the server that sent it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •