Convert from telnet to SSH (both OpenSSH and Dropbear)
From NAS-Central Buffalo - The Linkstation Wiki
m (DebianSSH moved to Articles/DebianSSH: Adding Articles prefix) |
|||
| Line 43: | Line 43: | ||
<font color=red>apt-get remove telnetd</font> | <font color=red>apt-get remove telnetd</font> | ||
| + | |||
| + | [[Category:Debian]] | ||
Revision as of 22:58, 25 June 2006
OpenSSH:
1. Install the OpenSSH package. If prompted, select SSH version 2. Use the command:
apt-get install ssh
2. Reboot. Use the command:
reboot
3. From now on log in via SSH using the Putty client.
4. Uninstall telnet because it's a gaping security hole. Use the command:
apt-get remove telnetd
(:note Why disable root logins? | You really shouldn't be logged in as root unless absolutely necessary. A screw up while logged in as root can trash your system. Also, an intruder needs to know 2 passwords (instead of just 1) in order to gain root access.:)
5. You can configure SSH through Webmin (see DebianWebmin). I highly recommend disabling root login and enabling session timeouts.
Dropbear:
1. Dropbear comes preinstalled with the latest PPC Debian distribution. Otherwise you may install Dropbear with the command:
apt-get install dropbear
2. Debian will automatically create both DSS and RSA keys. If you used the PPC Debian distribution, please create new keys. First remove the old keys:
rm /etc/dropbear/*key
3. Then create new keys:
dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
4. I recommend disabling direct root logins. Open up /etc/default/dropbear and add the following:
DROPBEAR_EXTRA_ARGS="-w"
5. From now on log in via SSH using the Putty client.
6. Uninstall telnet because it's a gaping security hole. Use the command:
apt-get remove telnetd
