[NBLUG/talk] FOLLOW-UP: I'm getting ssh scanned! Should I be worried?

Dave Sisley dsisley at arczip.com
Mon Oct 18 11:28:36 PDT 2004


Hey, luggers:

This is a follow-up to my earlier post regarding the ssh scanning I've
been experiencing.  I also have one more question, below.

First, thanks for the help! I've decided to implement most of the
suggestions offered:

- I made my passwords less crackable.

- In /etc/ssh/sshd_config:

  - PasswordAuthentication no
  - AllowUsers [my login]
  - PermitRootLogin no 

Then I generated some ssh key pairs on my home machine and the laptop
I usually log in from (as well as on my sonic shell account - see more
below).  

My only hesitation was that setting up ssh this way would prevent me
from logging in to my home box from some machine when I hadn't put the
public key from that remote machine into the authorized_keys2 file of
my home machine. 

<aside> I have to admit that this concern is a little silly, seeing as
how I can't foresee a time when I would have access to such a machine.
Other than during class at the SRJC, I'm just fooling around at
home. </aside>

To work around this issue, I figured out a scheme (which you are all
encouraged to critique).  Since I have shell access at sonic, I just
set up a key pair between that server and my home box.  So, when I'm
at school or anywhere else, I can log in to my sonic account with a
password and then reach my home machine from there.  I also considered
Frank's suggestion to carry my home key with me on a floppy (or other
medium), but I knew I would forget to lug it around.

In addition to the links provided by micxz, I found this Linux
Magazine article helpful in explaining how to set up and use ssh keys:

http://www.linux-mag.com/2004-07/tech_support_01.html

The page Augie linked to (from his web site) is also a great
resource. It's very concise and clear. (I wish I had read it first!).

I'd also like to use a non-standard port for ssh, but I've run into
some confusion; I must be missing something.  I thought that all I
need to do is edit sshd_config so that the daemon is listening on the
new port:

#Port 22
Port <some really high number, above 1024>

Now restart sshd.

Then, when I log in from a remote box, I just need to tell ssh to use
that new port number:

ssh -p <really high number> me@my.home.machine

Unfortunately, I get a 'connection refused' message.  I even tried
regenerating the keys on the remote box and rebooting my home machine
(in case some service other than sshd needs restarting).

Anybody know what I'm missing?

Thanks again for the input, everybody.  I feel better already!

-dave.

-- 
Dave Sisley
dsisley at arczip.com
roth-sisley.net
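
Added example (not part of Dave's message or of any reply in the thread): a small Python check for the sshd_config settings listed in the post. It follows sshd's rule that the first value read for a keyword is the one used, skips commented lines such as "#Port 22", and stops at a Match block. The login name "dave" and port 22022 are constructed placeholders.

```python
import re

# Constructed sample mirroring the post's settings. The login "dave" and
# port 22022 are placeholders; the post does not give the real values.
SAMPLE = """\
#Port 22
Port 22022
PasswordAuthentication no
AllowUsers dave
PermitRootLogin no
PasswordAuthentication yes
"""

REPEATABLE = ("port", "allowusers")  # these keywords accumulate across lines


def parse_config(text):
    """Parse the global section of an sshd_config into (single, multi)."""
    single, multi = {}, {key: [] for key in REPEATABLE}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or commented out, e.g. "#Port 22"
        m = re.match(r"(\w+)\s*=?\s*(.*)", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break  # what follows applies only conditionally
        if key in multi:
            multi[key].extend(value.split())
        else:
            single.setdefault(key, value)  # sshd uses the first value read
    return single, multi


def audit(text):
    """Return (findings, ports) for the settings discussed in the post."""
    single, multi = parse_config(text)
    findings = []
    for key in ("passwordauthentication", "permitrootlogin"):
        value = single.get(key, "unset")
        if value.lower() != "no":
            findings.append(f"{key} is {value}, expected no")
    if not multi["allowusers"]:
        findings.append("allowusers is unset, logins are not restricted by user")
    return findings, multi["port"] or ["22"]  # 22 is sshd's default port


if __name__ == "__main__":
    print(audit(SAMPLE))
```

On the server itself, `sshd -T` prints the configuration the daemon would actually use, which is the authoritative check.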



