Difference between revisions of "Convert from telnet to SSH (both OpenSSH and Dropbear)"

From NAS-Central Buffalo - The Linkstation Wiki
Jump to: navigation, search
m
(OpenSSH:)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Template:Articles}}== OpenSSH: ==
+
{{Template:Articles}}
 +
== OpenSSH: ==
  
 
1. Install the OpenSSH package. If prompted, select SSH version 2. Use the command:
 
1. Install the OpenSSH package. If prompted, select SSH version 2. Use the command:
Line 16: Line 17:
 
{{Postit| Why disable root logins? | You really shouldn't be logged in as root unless absolutely necessary. A screw up while logged in as root can trash your system. Also, an intruder needs to know 2 passwords (instead of just 1) in order to gain root access.}}
 
{{Postit| Why disable root logins? | You really shouldn't be logged in as root unless absolutely necessary. A screw up while logged in as root can trash your system. Also, an intruder needs to know 2 passwords (instead of just 1) in order to gain root access.}}
  
5. You can configure SSH through Webmin (see [[DebianWebmin]]). I highly recommend disabling root login and enabling session timeouts.
+
5. You can configure SSH through Webmin (see: [[Webmin to remotely administer your LinkStation]]). I highly recommend disabling root login and enabling session timeouts.
  
 
== Dropbear: ==
 
== Dropbear: ==

Latest revision as of 00:04, 3 August 2006

OpenSSH:

1. Install the OpenSSH package. If prompted, select SSH version 2. Use the command:

apt-get install ssh

2. Reboot. Use the command:

reboot

3. From now on log in via SSH using the Putty client.

4. Uninstall telnet because it's a gaping security hole. Use the command:

apt-get remove telnetd
Why disable root logins?
Bar.png
You really shouldn't be logged in as root unless absolutely necessary. A screw up while logged in as root can trash your system. Also, an intruder needs to know 2 passwords (instead of just 1) in order to gain root access.


5. You can configure SSH through Webmin (see: Webmin to remotely administer your LinkStation). I highly recommend disabling root login and enabling session timeouts.

Dropbear:

1. Dropbear comes preinstalled with the latest PPC Debian distribution. Otherwise you may install Dropbear with the command:

apt-get install dropbear

2. Debian will automatically create both DSS and RSA keys. If you used the PPC Debian distribution, please create new keys. First remove the old keys:

rm /etc/dropbear/*key

3. Then create new keys:

dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key
dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key

4. I recommend disabling direct root logins. Open up /etc/default/dropbear and add the following:

DROPBEAR_EXTRA_ARGS="-w"

5. From now on log in via SSH using the Putty client.

6. Uninstall telnet because it's a gaping security hole. Use the command:

apt-get remove telnetd
Originally by frontalot from linkstationwiki.org