[NTLUG:Discuss] SSH
severian@pobox.com
severian at pobox.com
Mon Oct 13 23:15:38 CDT 2003
WooHoo,
I got a Linux box into the office doing ssh server duty forwarding ports
to allow my customer to work from home on a Windows machine driving her
desktop Windows machine. The final trick was realizing that Putty does not
work right if you try to store the port forwarding information. When I
passed the port forwarding information on the command line, it worked the
first time. I had a Linux box doing this remote VNC months ago, but today
was the first day I could do it securely, with free Windows software(and my
Linux SSHD server on the static IP)
I have a few questions for people that have done this before.
1. I disabled type 1 ssh keys, since type 2 keys seem to be more
secure. Is there any reason to allow type 1 keys? I realize that some
people may have to interface with software that only supports type 1 keys,
but that does not apply to me.
2. I generated my public keys with OpenSSH. They work fine when I drive
the customers Windows machine from my Linix machine at home. I have not
figured out how to import those public keys into Putty. By googling, I
find a bunch of references on how to take keys from Putty to OpenSSH, but
that is the wrong direction for me.
3. This Linux machine has a static IP and will stay up 24/7. I am trying
to figure out what I should do to the machine to make it relatively
secure. I've close obvious things like ftp and telnet. I am tempted to
close just about every port except the port I use for SSH, but I wonder if
that is too drastic. I have been reading a number of web sites, but I have
not found one that seems authoritative. Any thoughts?
Thanks in advance,
Ralph
More information about the Discuss
mailing list