This is what my file looks like. Hope this helps

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

Mike wrote:

>I'm not sure what happened. I was mucking around with sshd_config -2- and now
>when I try to load a root konqueror it tells me 'file not supported'. I set
>everything back as it was originally but it still does it. Please look at my
>sshd_config and see if anything is wrong.
>
>I was looking through the config file and see:
>
>   RhostsAuthentication no
>   #
>   # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
>   RhostsRSAAuthentication no
>
>Would it mess things up or be useless to set this to on and put 'cox.com/net
>into known hosts?
>
>On another matter: to get around the sshd_config problem I attempted to save a
>file (that needed superuser privileges) manually (using mount and cp and
>those kinds of things).... never mind. Figured out what the problem was with
>that.
>
>
>-2-
># $OpenBSD: sshd_config,v 1.38 2001/04/15 21:41:29 deraadt Exp $
>
># This sshd was compiled with PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
>
># This is the sshd server system-wide configuration file. See sshd(8)
># for more information.
>
>Port 1076
>#Protocol 2,1
>#ListenAddress 0.0.0.0
>#ListenAddress ::
>AllowUsers bmike1 bmike101
>HostKey /etc/ssh/ssh_host_key
>HostKey /etc/ssh/ssh_host_rsa_key
>HostKey /etc/ssh/ssh_host_dsa_key
>ServerKeyBits 768
>LoginGraceTime 600
>KeyRegenerationInterval 3600
>PermitRootLogin no
>#
># Don't read ~/.rhosts and ~/.shosts files
>IgnoreRhosts yes
># Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
>#IgnoreUserKnownHosts yes
>StrictModes yes
>X11Forwarding yes
>X11DisplayOffset 10
>PrintMotd no
>PrintLastLog no
>KeepAlive yes
>
># Logging
>SyslogFacility AUTH
>LogLevel INFO
>#obsoletes QuietMode and FascistLogging
>
>RhostsAuthentication no
>#
># For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
>RhostsRSAAuthentication no
># similar for protocol version 2
>HostbasedAuthentication no
>#
>RSAAuthentication yes
>
># To disable tunneled clear text passwords, change to no here!
>PasswordAuthentication yes
>PermitEmptyPasswords no
>
># Uncomment to disable s/key passwords
>#ChallengeResponseAuthentication no
>
># Uncomment to enable PAM keyboard-interactive authentication
># Warning: enabling this may bypass the setting of 'PasswordAuthentication'
>
>#PAMAuthenticationViaKbdInt yes
>
># To change Kerberos options
># NB: Debian's ssh ships without Kerberos Support
>#KerberosAuthentication no
>#KerberosOrLocalPasswd yes
>#AFSTokenPassing no
>#KerberosTicketCleanup no
>
># Kerberos TGT Passing does only work with the AFS kaserver
>#KerberosTgtPassing yes
>
>#CheckMail yes
>#UseLogin no
>
>#MaxStartups 10:30:60
>#Banner /etc/issue.net
>#ReverseMappingCheck yes
>
>Subsystem sftp /usr/lib/sftp-server
>
>
>
> ------------------------------------------------------------------------
>
> Subject: Re: how to tell when you have a hacker?
> From: Gerard Snitselaar
> Date: Fri, 17 Feb 2006 23:05:24 -0700
> To: Main PLUG discussion list
>
>
>Anything you do to ssh will have no effect on sudo. They are separate
>things that have no relation to each other. Secure Shell in its common
>use is basically a secure form of a telnet session. It uses encryption
>to secure the transmission of data. To see if it is running look in the
>ps output for sshd. I would recommend setting permit root login to no.
>All that means is that root can not login through ssh. You can login as
>yourself and still use sudo. I would also recommend looking at
>AllowUsers, which can restrict what usernames can login via ssh. You
>might even research ssh more and look at turning off password
>authentication, and using key authentication.
>
>On Sat, 2006-02-18 at 00:21 -0500, Mike wrote:
>
>
>>My password is more complex than a name. (it isn't even a word). But please do
>>share with me how to check if ssh is open, what port it is on, and how to
>>change it..... HEY look at that! sshd must be where to do that. Is all I have
>>to do is change the number by the word 'Port'? (it has a 22 next to it now)
>>
>>Then there is the line that says: 'permit root login yes' Should I change that
>>one to no? If I do that what will happen to sudo and when I need to log root's
>>account into a terminal?
>>
>>On Friday 17 February 2006 11:48 pm, Craig White wrote:
>>
>>
>>>you've only been on the hsi for about a week and it's not likely your
>>>box was cracked already but if you are using something really simple for
>>>a password like mike or password and you have ssh open and on standard
>>>port 22, it's not going to take all that long for someone to hack their
>>>way in.
>>>
>>>Also, you probably want to make certain that root can't log in via
>>>password in sshd_config and all the rage now on Fedora/RHEL is denyhosts
>>>package which automatically adds entries for ip addresses with 5 (or
>>>configurable) consecutive failed login attempts in ... hosts.deny (duh)
>>>Also, I've found it more peaceful to change the ssh port to something
>>>above 1024.
>>>
>>>
>>---------------------------------------------------
>>PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>To subscribe, unsubscribe, or to change you mail settings:
>>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
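
The settings recommended in this thread (PermitRootLogin no, AllowUsers, key instead of password authentication, a port above 1024) can be checked mechanically. The script below is an added example, not part of any poster's message: both sample configs are constructed from values quoted in the thread, and the DEFAULTS table is an assumption about what sshd uses when a keyword is absent or commented out.

```python
# Added example: audit sshd_config text against the advice in this thread.
BEFORE = """\
Port 22
PermitRootLogin yes
PasswordAuthentication yes
"""  # constructed from what Mike describes before his changes
AFTER = """\
Port 1076
#Protocol 2,1
AllowUsers bmike1 bmike101
PermitRootLogin no
PasswordAuthentication yes
"""  # constructed from lines of the sshd_config quoted above
# Assumption: values in effect when a keyword is absent; verify in sshd_config(5).
DEFAULTS = {"port": "22", "permitrootlogin": "yes", "passwordauthentication": "yes"}
MULTI = {"port", "allowusers"}  # keywords whose repeated lines accumulate

def parse(text):
    """Map lowercased keyword -> list of values, skipping comment lines.
    For single-valued keywords the first occurrence wins, as in sshd."""
    cfg = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, values = parts[0].lower(), parts[1].split()
        if key in MULTI:
            cfg.setdefault(key, []).extend(values)
        else:
            cfg.setdefault(key, values)
    return cfg

def audit(text):
    """Return (keyword, finding) pairs for settings the thread advises changing."""
    cfg = parse(text)
    first = lambda k: cfg.get(k, [DEFAULTS[k]])[0].lower()
    ports = cfg.get("port", [DEFAULTS["port"]])
    out = []
    if first("permitrootlogin") != "no":
        out.append(("PermitRootLogin", "root can log in over ssh"))
    if "allowusers" not in cfg:
        out.append(("AllowUsers", "no restriction on which usernames may log in"))
    if first("passwordauthentication") != "no":
        out.append(("PasswordAuthentication", "passwords accepted, keys not required"))
    if any(p.isdigit() and int(p) <= 1024 for p in ports):
        out.append(("Port", "not moved above 1024"))
    return out

if __name__ == "__main__":
    print("before:", audit(BEFORE), "\nafter:", audit(AFTER))
```

Commented-out lines such as "#PermitRootLogin no" count as absent, so the default applies and the finding is still raised.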