Convert from telnet to SSH (both OpenSSH and Dropbear)

From NAS-Central Buffalo - The Linkstation Wiki

Latest revision as of 00:04, 3 August 2006

OpenSSH:

1. Install the OpenSSH package. If prompted, select SSH version 2. Use the command:

apt-get install ssh

2. Reboot. Use the command:

reboot

3. From now on log in via SSH using the Putty client.

4. Uninstall telnet because it's a gaping security hole. Use the command:

apt-get remove telnetd

Why disable root logins?

You really shouldn't be logged in as root unless absolutely necessary. A screw up while logged in as root can trash your system. Also, an intruder needs to know 2 passwords (instead of just 1) in order to gain root access.

5. You can configure SSH through Webmin (see: Webmin to remotely administer your LinkStation). I highly recommend disabling root login and enabling session timeouts.

Dropbear:

1. Dropbear comes preinstalled with the latest PPC Debian distribution. Otherwise you may install Dropbear with the command:

apt-get install dropbear

2. Debian will automatically create both DSS and RSA keys. If you used the PPC Debian distribution, please create new keys. First remove the old keys:

rm /etc/dropbear/*key

3. Then create new keys:

dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key
dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key

4. I recommend disabling direct root logins. Open up /etc/default/dropbear and add the following:

DROPBEAR_EXTRA_ARGS="-w"

5. From now on log in via SSH using the Putty client.

6. Uninstall telnet because it's a gaping security hole. Use the command:

apt-get remove telnetd