|
-
January 2nd, 2002, 02:57 PM
#15
Hantiz: that's correct. SSH will auto-create for root but that's a relatively new feature of ssh, as older versions didn't do that. Thanks for the correction. 
Jason-mis: telnet is non-encrypted plain-text across a network. Anyone with a sniffer could and would see passwords, user names, etc. SSH on the other hand, is completely encrypted and while a sniffer would still pick up the traffic, it wouldn't be able to be decrypted.
SSHD is the server binary while SSH is the binary executable. Notice: you won't be able to ssh to another box if that other box doesn't have sshd running.
Example:
# /usr/local/sbin/sshd
#
If you entered that and got the command prompt, you then had sshd started. To verify:
# ps -ef | grep -i sshd
This will give you a line of information, with the last column showing /usr/local/sbin/sshd (or whatever path it was installed on). If you see that, it's running.
As for passwords, other than root, the other accounts can be locked (asterix * in front of the password or go through the gui and lock them manually). A lot of them should already be locked because the system uses them, not typical users. Root should have a very secure password, 6-8 characters both upper and lowercase, with at least 1 number and 1 special character. A password like '5h1gG1tY' (that's shiggity for those that don't get that word, hehe) is a lot better than 'iluvdogs' or some crap...
RH will warn you if your password chosen is easy to break (aka matching something in the dictionary). Good techniques also include never storing passwords in plaintext files for remembering later, never leave it in plain sight, and don't keep the same password for diff. systems. I worked at a place once where it was "mandatory" for everyone to write their password and tape it to the underside of the keyboard! I got written up because I wouldn't do it, hehe...dumb@sses.
As for hosts.allow and hosts.deny, those are for trusted machines. This allows authentication on the server to be bypassed if the machine's allowed and denied if it's not. That's just a simple explanation. Technically speaking, I'd leave it out.
Hope this helps some. It should help you get on the right track.
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
