Книга: Fedora™ Unleashed, 2008 edition

Setting Up an SSH Server

Setting Up an SSH Server

The OpenSSH server is set up to be automatically installed and run in Fedora, which means it should already be working on your system. However, if you have disabled it, you can re-enable it by selecting System Settings, Server Settings, Services and selecting the sshd box. As you might have gathered, sshd is the name for the SSH server daemon.

Two different versions of SSH exist, called SSH1 and SSH2. The latter is newer, is more secure, comes with more features, and is the default in Fedora Core Linux. However, support for SSH1 clients is also left enabled by default so that older clients can connect. Because it is less secure, you should disable SSH1 if you have no one who specifically relies on it.

To do this, edit the /etc/ssh/sshd_config file and look for this line:

#Protocol 2,1

Edit this line so that it becomes:

Protocol 2

This removes the comment sign (#) and tells sshd that you want it to only allow SSH2 connections. Save the file and exit your editor. The next step is to tell sshd to reread its configuration file, by executing this command:

kill -HUP `cat /var/run/sshd.pid`

If this returns cat: /var/run/sshd.pid: No such file or directory, it means you didn't have sshd running. Next time you start it, it reads the configuration file and uses SSH2 only.

You can test this change by trying to connect to your SSH server in SSH1 mode. From the same machine, type this:

ssh -1 localhost

The -1 switch forces SSH1 mode. If you successfully forced the SSH2 protocol, you should get the message Protocol major versions differ: 1 vs. 2.

Оглавление книги