Convert from telnet to SSH (both OpenSSH and Dropbear)
From NAS-Central Buffalo - The Linkstation Wiki
(→OpenSSH:) |
|||
| (6 intermediate revisions not shown) | |||
| Line 1: | Line 1: | ||
| + | {{Template:Articles}} | ||
== OpenSSH: == | == OpenSSH: == | ||
| Line 14: | Line 15: | ||
<font color=red>apt-get remove telnetd</font> | <font color=red>apt-get remove telnetd</font> | ||
| + | {{Postit| Why disable root logins? | You really shouldn't be logged in as root unless absolutely necessary. A screw up while logged in as root can trash your system. Also, an intruder needs to know 2 passwords (instead of just 1) in order to gain root access.}} | ||
| - | + | 5. You can configure SSH through Webmin (see: [[Webmin to remotely administer your LinkStation]]). I highly recommend disabling root login and enabling session timeouts. | |
| - | + | ||
| - | 5. You can configure SSH through Webmin (see [[ | + | |
== Dropbear: == | == Dropbear: == | ||
| Line 46: | Line 46: | ||
[[Category:Debian]] | [[Category:Debian]] | ||
[[Category:Howto]] | [[Category:Howto]] | ||
| + | |||
| + | <center><font color=red>''Originally by frontalot from linkstationwiki.org''</font></center> | ||
Latest revision as of 00:04, 3 August 2006
OpenSSH:
1. Install the OpenSSH package. If prompted, select SSH version 2. Use the command:
apt-get install ssh
2. Reboot. Use the command:
reboot
3. From now on log in via SSH using the Putty client.
4. Uninstall telnet because it's a gaping security hole. Use the command:
apt-get remove telnetd
| Why disable root logins? |
|
| You really shouldn't be logged in as root unless absolutely necessary. A screw up while logged in as root can trash your system. Also, an intruder needs to know 2 passwords (instead of just 1) in order to gain root access. |
5. You can configure SSH through Webmin (see: Webmin to remotely administer your LinkStation). I highly recommend disabling root login and enabling session timeouts.
Dropbear:
1. Dropbear comes preinstalled with the latest PPC Debian distribution. Otherwise you may install Dropbear with the command:
apt-get install dropbear
2. Debian will automatically create both DSS and RSA keys. If you used the PPC Debian distribution, please create new keys. First remove the old keys:
rm /etc/dropbear/*key
3. Then create new keys:
dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
4. I recommend disabling direct root logins. Open up /etc/default/dropbear and add the following:
DROPBEAR_EXTRA_ARGS="-w"
5. From now on log in via SSH using the Putty client.
6. Uninstall telnet because it's a gaping security hole. Use the command:
apt-get remove telnetd
