13 replies to this topic

[Magnum I.P.]

I want to be able to setup SSH on my Slack Box so i can sign into the box anytime i need to when i am away from it with my windows laptop. I know of Putty for a client to use with my laptop. Is there any good sites that will explain how to setup SSH on my slack box for a *nix n00b? Or maybe some quick help here? Thanks.

[LogosX]

you should still find an article on it, but this should get you started.

Slackware usually already has ssh installed so you just need to start it.
As root run sshd or if you want it to run every time you boot chmod 755 /etc/rc.d/rc.ssh and then /etc/rc.d/rc.ssh start

the deamon is now started, but has a default configuration.

so you need to edit the /etc/ssh/sshd_config file
turn off root login
only use Protocol 2
change the default port
dont allow empty passwords

restart the deamon for the changes to take effect
/etc/rc.d/rc.sshd restart

[nenn]

try

ssh localhost

if that works ssh is on, if not do this

./etc/rc.d/rc.sshd start

that will start the ssh server locally, then

ssh localhost

will work fine, at least it should.

[tehbizz]

Make sure to use this directive and try to strictly enforce it:

Use PublicKeyAuthentication

[nullkraft]

Two more things. Setup ssh for password-less logins using dsa keys and if you have a router you need to setup port forwarding to your ssh server.

[Enigma]

Two more things. Setup ssh for password-less logins using dsa keys and if you have a router you need to setup port forwarding to your ssh server.

And the port is 22 if you wanted to know just set up portforwarding to point to that box and you should be set


-Enigma

[Magnum I.P.]

Well thanks for all the replies. I got it working now. I followed everything listed in this thread. Hopefully I dont do anything stupid that will get my box compromised. Thanks again all.

[Magnum I.P.]

I have a question. When I connect for the 1st time to my slack box, it asks me if I want to accept the key. After that, it doesn't ask me anymore for it and I get to a login prompt. Is that normal? I just wanna make sure I am secure so I can leave ssh on when I am away from home. Thanks

[crackedatom]

Doesn't it save the key to your current machine.
I haven't used putty in a while...But I think that's what it does, and then it doesn't require you to accept it again because you already have it.

[Magnum I.P.]

Yes I am using Putty from my Windows laptop. It asks me if I want to save the key and I did. I just want to make sure that this is secure enough to leave ssh open on my box at home.

[Enigma]

Yes I am using Putty from my Windows laptop. It asks me if I want to save the key and I did. I just want to make sure that this is secure enough to leave ssh open on my box at home.

as long as your absolutely sure that key is comming from your machine then yes you can accept it




-Enigma

[Magnum I.P.]

So people can stumble upon my ip address and get the key? Is that safe? I am a little paranoid to leave ssh open on my box unless its secure enough to leave as such. I did everything LogosX explained in a previous post. I'm not sure this is enough. It seems too simple that all I have to do is accept the key from my machine, then login with the username and password and all of this is safe to leave open on my box.

[DarkCow]

So people can stumble upon my ip address and get the key? Is that safe? I am a little paranoid to leave ssh open on my box unless its secure enough to leave as such. I did everything LogosX explained in a previous post. I'm not sure this is enough. It seems too simple that all I have to do is accept the key from my machine, then login with the username and password and all of this is safe to leave open on my box.

It's safe. Read up on PKI. The key that you accepted was the server's public key. That is used to encrypt data that only the server with its private key can decrypt. As long as you have a decent password, you'll be fine.

[n3xg3n]

the first time you did it, it cached your server's key, if it comes up again, BEWARE: someone might be MITMing you...

-edit- Sorry, i only looked at the person above me's post date, not that he did it from a month back =[ srry

Edited by n3xg3n, 21 January 2007 - 01:22 PM.