Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 36
  1. #16
    Joined
    Oct 2001
    Location
    Southern Ontario
    Age
    45
    Posts
    13,194

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    I got Grave-Digger from a Knoppix v3.4 CD I got with a O'Reily Knoppix Hacks book. I just happened to have been reading up on it when I first saw your post. They raised it up to be something really great. But as I continued my research on the net, it turns out that you really need several other tools to really get the benefit from it. Not to mention a degree in computer forensics.

    It really is a good tool, it's just its probably not the best for you.

    So I'm sorry that I miss lead you. And I truely understand why you were frustrated.

    But if you ever were to get cracked, the best thing to do is to shut of the OS as soon as possible. And then try to do all the investigating/repairs from a Knoppix CD. Knoppix shouldn't allow the damage to continue as it wouldn't be infected from the attack. But if Knoppix does get compromised, a simple reboot would fix that.

  2. #17
    Joined
    May 2000
    Location
    /home/christop54
    Age
    48
    Posts
    4,430

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Quote Originally Posted by Spankin Partier
    So I'm sorry that I miss lead you. And I truely understand why you were frustrated.
    No problem! As a whole Linux can be frustrating. I have a burning desire to become a Linux "guru"; to know everything there is to know. But I have NO patience, and want everything NOW. It's hard to find a place/subject/area to start learning. It seems that I start to try and learn something, and see something else that draws my attention away. And before I know it I'm a "mile" away from where I started and haven't learned much of anything. There are tons of resources on the net, and they all appeal to me. But where to start. And then I've purchased seven Linux books , but I can't see myself sitting down and reading them cover to cover. Then you add my security situation, if I really even have one, and it gets frustrating. I wish I knew someone that knew Linux that I could talk to, and that could come by my apartment and "teach" me. So, for the most part, I've decided to learn Linux by just using it like I did with Windows. Relax and learn over time.

    I've read that increased hd activity can be a sign that you have a security problem. Is it normal to have "increased" hd activity after boot up? (When you're at the desktop in KDE.) I know with Windows it's normal, but I could have swore with Linux it was different. (I think I remember noticing in the past 10 months that there was little to no hd activity after boot. I could be wrong and/or thinking of something else.) Yesterday and today when I booted up I noticed hd activity at the desktop after boot, and being the paranoid kina guy that I am, I thought I'd ask if it's normal. It seems like it would be normal, but you never know. I'm such a newb!

  3. #18
    Joined
    Apr 2001
    Location
    Los Angeles
    Posts
    21,104

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Christop54,

    I keep meaning to post this in this thread but never seem to.

    Also do not mean to hijack the discussion about security, but regarding your first post link and the issue about your strange entries in the log...

    FWIW, I see and have always seen similar stuff here. I frequently run remote x applications on a laptop from a main desktop. Things like e-mail, etc., run them through ssh through a console window. If you have ever done that, you know that you get all kinds of "chatter" echoed into the console window. Example
    ]$ Grabbing the mouse failed with "GrabInvalidTime"
    kio (KIOConnection): ERROR: Header read failed, errno=104
    kio (KIOConnection): ERROR: Header has invalid size (-1)
    kio (KLauncher): ERROR: SlavePool: No communication with slave.
    appending message to ~/dead.letter.tmp
    appending message to ~/dead.letter.tmp
    *** KMail got signal 15 (Exiting)
    Mutex destroy failure: Device or resource busy
    ICE default IO error handler doing an exit(), pid = 23088, errno = 0
    ICE default IO error handler doing an exit(), pid = 23084, errno = 0...
    and so on. One of the things that I get in adddition to that stuff, is snippets of e-mails. It is the same e-mails that I'm getting while running kmail remotely. Not all of them, not the whole mail, just bits and pieces, sometimes header, sometimes bits of the body. It looks pretty bizzare. But it has been the same over various linux and windows flavors. This is random cruff, and I don't think an intruder would be pasting it around, why would they? One of the experienced Linux guys can probably explain exactly what this is and why. In any case, just to let you know that others see something similar.

  4. #19
    Joined
    May 2000
    Location
    /home/christop54
    Age
    48
    Posts
    4,430

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Quote Originally Posted by Senor Panadero
    Christop54,
    One of the things that I get in adddition to that stuff, is snippets of e-mails. It is the same e-mails that I'm getting while running kmail remotely. Not all of them, not the whole mail, just bits and pieces, sometimes header, sometimes bits of the body. It looks pretty bizzare. But it has been the same over various linux and windows flavors. This is random cruff, and I don't think an intruder would be pasting it around, why would they? One of the experienced Linux guys can probably explain exactly what this is and why. In any case, just to let you know that others see something similar.
    Thanks for the info SP. The "chatter" showing up in a shell when transferring data makes sense to me. It also makes sense that an intruder would not post random/meaningless stuff in a shell. Why would they? I'd assume that it would take some effort to get into my box, and to post crap after that work makes no sense. I don't know why I never thought of it that way. Thanks!

  5. #20
    Joined
    Apr 2001
    Location
    Los Angeles
    Posts
    21,104

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Here we go, out of the console.

    Code:
    dkdecore (KLibLoader): WARNING: KLibrary: /usr/lib64/libcrypto.so.0.9.7: undefined symbol: OpenSSL_add_all_algorithms
    kdecore (KLibLoader): WARNING: KLibrary: /usr/lib64/libcrypto.so.0.9.7: undefined symbol: OpenSSL_add_all_algorithms_conf
    kdecore (KLibLoader): WARNING: KLibrary: /usr/lib64/libcrypto.so.0.9.7: undefined symbol: OpenSSL_add_all_algorithms_noconf
    kdecore (KLibLoader): WARNING: KLibrary: /usr/lib64/libcrypto.so.0.9.7: undefined symbol: PKCS7_content_free
    kdecore (KLibLoader): WARNING: KLibrary: /usr/lib64/libcrypto.so.0.9.7: undefined symbol: OpenSSL_add_all_algorithms
    kdecore (KLibLoader): WARNING: KLibrary: /usr/lib64/libcrypto.so.0.9.7: undefined symbol: OpenSSL_add_all_algorithms_conf
    kdecore (KLibLoader): WARNING: KLibrary: /usr/lib64/libcrypto.so.0.9.7: undefined symbol: OpenSSL_add_all_algorithms_noconf
    kmail: WARNING: bodyDecoded: unknown encoding 'quoted-printable
    
    
     TOP 10 NEW TITLES
    
    
    
     ON SALE NOW!
    
      1 Office Pro 2003
      2 Adobe Photoshop 9.0
      3 Windows XP Pro
      4 Adobe Acrobat 7 Pro
      5 Flash MX 2004
      6 Corel Draw 12
      7 Norton Antivirus 2005
      8 Windows 2003 Server
      9 Alias Maya 6 Wavefrt
      10 Adobe Illustrator 11
      See more by this manufacturer
        Microsoft
        Symantec
        Adobe
    
    
    
     Microsoft Office Professional Edition 2003
       by Microsoft'. Assuming binary.
    kmail: WARNING: bodyDecoded: unknown encoding 'quoted-printable
    
     TOP 10 NEW TITLES
    
    
    
     ON SALE NOW!
    
      1 Office Pro 2003
      2 Adobe Photoshop 9.0
      3 Windows XP Pro
      4 Adobe Acrobat 7 Pro
      5 Flash MX 2004
      6 Corel Draw 12
      7 Norton Antivirus 2005
      8 Windows 2003 Server
      9 Alias Maya 6 Wavefrt
      10 Adobe Illustrator 11
      See more by this manufacturer
        Microsoft
        Symantec
        Adobe
    
    
    
     Microsoft Office Professional Edition 2003
       by Microsoft'. Assuming binary.
    kmail: WARNING: KMMessage::setCharset(): trying to set a charset for a non-textual mimetype.
    kmail: Fix this caller:
    kmail: ====================================================================
    kmail:
    kmail: ====================================================================
    kmail: WARNING: KMMessage::setCharset(): trying to set a charset for a non-textual mimetype.
    kmail: Fix this caller:
    kmail: ====================================================================
    kmail:
    kmail: ====================================================================
    kdecore (KLibLoader): WARNING: KLibrary: /usr/lib64/libcrypto.so.0.9.7: undefined symbol: PKCS7_content_free

  6. #21
    Joined
    Oct 2001
    Location
    Southern Ontario
    Age
    45
    Posts
    13,194

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Yeap, it looks like that e-mail wasn't properly formated so Kmail had to make a guess as to how to read it. So Kmail reported the guess to the console.

    Kmail probably just went into an error trapping routien. That's a common programming technique to handle things that are unexpected. If the error trapping subroutien can compensate for the error, then the error gets down graded to only a warning. Error trapping isn't the best way to solve problems, but it is much better then the program just crashing on you.

    These error trapping subroutiens generally report what happened to the console so that a programmer can see what happened and hopefully create a patch so that can prevent this from happening again. But given the nature of e-mail, it will be unlikely they will ever be able to patch all the exceptions so they may simply leave them as is since the error trapper handles most cases just fine. In reallity, correcting these warnings may actually produce code that is simply way too complicated.

    There is probably a setting that you can use with kmail that would disable the displaying of these warnings if they do bother you.

  7. #22
    Joined
    May 2000
    Location
    /home/christop54
    Age
    48
    Posts
    4,430

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    bump. Would anyone care to take a crack at any of the questions posed in these posts (from this thread):

    http://forums.pcper.com/showthread.p...76#post3711276
    http://forums.pcper.com/showthread.p...78#post3711278
    http://forums.pcper.com/showthread.p...80#post3711280
    http://forums.pcper.com/showthread.p...82#post3713582
    http://forums.pcper.com/showthread.p...82#post3714082

    I don't mean to be a bother, but I'd appreciate some input (other than what's already been given). Is there a problem with the way I posted? Or the way I asked/phrased the questions? Or the fact that so much time passed from second post until my third post? (Giving the impression that I either don't care or gave up.) I'm just curious as it seems that poeple jump all over some threads and help the person with their problem/question/issue. While other threads get a little less attention. I'm not trying point fingers, cry/b**ch and moan, complain or anything else. It's just rather frustrating.

    I'm not as concerned about my "situation" regarding SETI@home as I was when I started this thread. My main concern is the security of my box in general as well as learning about Linux security as a whole. As always, any help would be appreciated. (Even if it's RTFM.) Thank you for your time.

  8. #23
    Joined
    Dec 2000
    Posts
    5,051

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    None of the indicated bits are a real security issue.

    If your really concerned about security just look at my post in the thread about bastille, as it gives a link to the instructions for it. ( Bastille uses a set of scripts to check configs and allow you to secure potential issues.)

  9. #24
    Joined
    May 2000
    Location
    /home/christop54
    Age
    48
    Posts
    4,430

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    "None of the indicated bits are a real security issue." Really? So it doesn't matter what services are running? It was my understanding that some services could be a security risk, and therefore asked for input on the services running on my box.

    It was also my understanding that chkrootkit and RKhunter are tools to check for root kits which are bad. Therefore, I asked questions about results from these programs that I didn't/don't understand.

    These are just two examples of questions I posed in this thread. Now if I was wrong in thinking some of these things were security issues, then that's my bad. Regardless, they were questions.

  10. #25
    Joined
    Sep 2002
    Location
    In and out of Detroit
    Posts
    1,556

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Quote Originally Posted by Christop54
    First, what is/what's up with /dev/.udev.tdb? In Konqueror it says it's an Open Office text document.
    This is the udev database table. This is an important file. Udev manages all your device files ( stuff in /dev ).
    Quote Originally Posted by Christop54
    Second, what is/what's up with /usr/share/man/man1/..1.gz? In Konqueror it says it's a Gzip file.
    Looks like man page. Man pages are compressed in gzips. I don't see anything unusual about that.

    Quote Originally Posted by Christop54
    Third, what is/what's up with /etc/.pwd.lock? In Konqueror it says it's an empty document (0B in size).
    This is a semaphone lockfile. Basically its used by a program to make sure they don't access the same thing at one time. You can read up on semaphore lockfiles here.

    Quote Originally Posted by Christop54
    And fourth, what is/what's up with the /etc/.java directory? And how do I inspect it?
    Its a hidden file/folder (most likely created by java). To inspect it, I would assume you would open it or explore the folder.

    Hope this helps

    "Well, let's just say, 'if your VCR is still blinking 12:00,you don't want Linux.'"
    - Bruce Perens, Former Debian Project Leader

  11. #26
    Joined
    Oct 2001
    Location
    Southern Ontario
    Age
    45
    Posts
    13,194

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    I think what was happening here was just you had so many questions that they were getting lost with all the replies. So I'll answer some of them here. This is my take on these:
    Code:
    System checks
    * Allround tests
       Checking hostname... Found. Hostname is DarkTower
       Checking for passwordless user accounts... OK
       Checking for differences in user accounts... Found differences
       Info:
    ----------------------
    < torrent:x:100:101:BitTorrent Seed/Tracker:/var/spool/bittorrent:/sbin/nologin
    ----------------------
       Info: Some items have been added (items marked with '<')
       Checking for differences in user groups... Found differences
       Info:
    ----------------------
    < torrent:x:101:
    ----------------------
       Info: Some items have been removed (items marked with '<')
    That looks fine to me. It looks like it is reporting that a program has created a new user on the system. But since the user has the nologin option enabled, it is not a real user. It's just used by an application (in this case bittorrent) to enable it to have rights to certain files. It is very common for applications to do this.

    Code:
    Filesystem checks
       Checking /dev for suspicious files...                      [ OK ]
       Scanning for hidden files...                               [ Warning! ]
    ---------------
     /dev/.udev.tdb  /usr/share/man/man1/..1.gz  /etc/.java /etc/.pwd.lock
    ---------------
    Please inspect:  /etc/.java (directory)
    Ok, any directory or file that starts with a period (.) is hidden. I think the reason for thenotification here is generally speaking, there should not be any hidden files in the /etc folder. So, it's warning you that someone may have placed them there to affect system wide settings yet tried to hide them. Now checking my /etc I too have a /etc/.java directory. I think Sun has hidden this directory to keep people from playing with it. It appears to me that they are using this directory so java will be able to lock certain files when it needs to. Why they didn't do this in the /var directory I don't know. So this is probably fine.

    First, what is/what's up with /dev/.udev.tdb? In Konqueror it says it's an Open Office text document.

    Second, what is/what's up with /usr/share/man/man1/..1.gz? In Konqueror it says it's a Gzip file.
    Not sure what those files are. Actually, I can't see where you first posted them.

    Third, what is/what's up with /etc/.pwd.lock? In Konqueror it says it's an empty document (0B in size).
    Yes, a common way to handle file locking at an application level is to create a hidden file with a name that the program will look for. If the file exists, then this application will knows that some other file is in use. This is handy when a user may start up an application twice (like Firefox). This way the second program waits until that file is deleted before it edits some other shared file. Kind of hard to explain without actually showing you. But seeing as they don't need to store data in the .pwd.lock file, it will be 0 bytes.
    And fourth, what is/what's up with the /etc/.java directory? And how do I inspect it?
    You inspect it exactly as you posted you did. You can either go into it using the cd /etc/.java and use the ls -al command to view the directory. Then if you want to change into another directory you see, just type cd directory name and use the ls command again. Or if you want to use Konqueror, make sure the Show Hidden Files option is turned on in the View menu and then browse with it.

    I guess the problem is you really just don't know what looks 'normal' and what looks 'odd'. But I'll tell you, I've got the same files on my system.

    Regarding Remote root login disabled) and Only SSH2 allowed), I edited /etc/ssh/sshd_config in order to get login disabled and SSH2. Is that okay?
    From what you posted of your sshd_config file, it appears that none of the changes marked in red would have been active. In Linux, configuration files use the # to comment out (disable) lines. The application will skip everything that follows a # key. So you would need to change the file like this and then restart sshd inorder for the changes to take affect:

    Code:
    # Authentication:
    
    #LoginGraceTime 2m
    PermitRootLogin no
    #StrictModes yes
    MaxAuthTries 0
    
    Port 21
    Protocol 2
    #ListenAddress 0.0.0.0
    #ListenAddress ::
    Now you can change the Port to any number you want (well any that isn't being used for something else). But do you even need ssh to be running at all? If you never remotely log into your computer you would be much better off just simply disabling sshd from /etc/init.d. The exact way to do that depends on the version of Linux you are running (I can't remember which one you are using at the moment).

  12. #27
    Joined
    Oct 2001
    Location
    Southern Ontario
    Age
    45
    Posts
    13,194

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Quote Originally Posted by Christop54
    5.Checked what services are running and found the following:
    NOTE: I've bolded text next to services that I have questions about, BUT I am a newbie and want input/advice on ANYTHING AND EVERYTHING regarding the services below. (Mainly services that are questionable and/or should not be running.)
    • acpid (running. runlevel 3, 4, and 5)
    • anacron (stopped. runlevel 3, 4, and 5)
    • apmd (In the status it doesn't say whether it's running or not. runlevel 3, 4, and 5)
    • atd (running. runlevel 3, 4, and 5)
    • autofs (In the status it shows Configured Mount Points: none are listed, and Active Mount Points: none are listed. Shows for runlevel 3, 4, and 5. I do have my Windows/NTFS particians mounted.)
    • cpuspeed (stopped. runlevel 3, 4, and 5)
    • crond (running. runlevel 3, 4, and 5)
    • cups (stopped. runlevel 3 and 4)
    • cups-config-daemon (stopped. runlevel 3 and 4)
    • firestarter (running. runlevel 3, 4, and 5)
    • gpm (running. runlevel 3, 4, and 5)
    • haldaemon (running. runlevel 3, 4, and 5)
    • irqbalance (stopped. runlevel 3, 4, and 5)
    • isdn (In the status it doesn't say whether it's running or not. runlevel 3, 4, and 5)
    • kudzu (In the status is says kudzu has run. runlevel 3, 4, and 5)
    • lm_sensors (In the status it has a lot of info. runlevel 3, 4, and 5)
    • mDNSResponder (running. runlevel 3, 4, and 5) I'm thinking kill this one. Correct?
    • mdmonitor (In the status it doesn't say whether it's running or not. runlevel 3 and 4) I don't have a RAID set-up, so this one can go. Correct?
    • messagebus (running. runlevel 3, 4, and 5)
    • netfs (In the status it doesn't say whether it's running or not. runlevel 3, 4, and 5) I'm thinking kill this one. Correct?
    • network I think I need this one!
    • nfslock (running. runlevel 3, 4, and 5) Do I need this one?
    • nifd (running. runlevel 3, 4, and 5) I'm thinking I don't need this one. Correct?
    • pcmcia (In the status it doesn't say whether it's running or not. runlevel 3, 4, and 5)
    • portmap (running. runlevel 3, 4, and 5) I'm thinking I don't need this one. Correct?
    • readahead (In the status it doesn't say whether it's running or not. runlevel 5 only)
    • readahead_early (In the status it doesn't say whether it's running or not. runlevel 5 only)
    • rhnsd (In the status it doesn't say whether it's running or not. runlevel 3, 4, and 5)
    • rpcgssd (In the status it doesn't say whether it's running or not. runlevel 3, 4, and 5)
    • rpcidmapd (running. runlevel 3, 4, and 5)
    • rpcsvcgssd (In the status it doesn't say whether it's running or not. runlevel 3, 4, and 5)
    • sendmail (stopped. runlevel 3 and 4) I'm thinking I don't need this one. Correct?
    • smartd (running. runlevel 3, 4, and 5)
    • sshd (running. runlevel 3, 4, and 5) I'm thinking I don't need this one. Correct?
    • syslog (running. runlevel 3, 4, and 5) In the status it shows syslogd and klogd are running.
    • xinetd (running. runlevel 3, 4, and 5)


    Are there any services that are not listed above that should be running? (yum for instance.)
    I would kill these two if you don't need them:
    • sendmail
    • sshd


    I'd leave the rest.
    Last edited by Spankin Partier; 01-19-2006 at 10:39 PM.

  13. #28
    Joined
    Jul 2001
    Location
    UK
    Age
    51
    Posts
    20,229

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    First up, sorry I've missed a lot of this - must have been sleeping or something.

    Quote Originally Posted by Spankin Partier
    I would kill these two if you don't need them:
    • sendmail
    • sshd


    I'd leave the rest.
    Now I have a question. I've often wondered about sendmail. Isn't the sendmail service required for sending system logs to root? If so, what would happen if disabled - logs just don't get mailed to root? But as I suspect most users don't check their logs anyway, and presumably there still there if you do want to check them, just not mailed to root (or whereever they're alaised to go).

    Ned

  14. #29
    Joined
    Oct 2001
    Location
    Southern Ontario
    Age
    45
    Posts
    13,194

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Actually, I'm not sure Ned. Maybe FC has done something like that. But Debian, and Gentoo, don't require Sendmail and I never heard of Sendmail being used in that manner. Hence why I was thinking of disabling it. But if you could check up on that, then we can verify if Chris should disable Sendmail or not.
    Last edited by Spankin Partier; 01-20-2006 at 11:04 PM.

  15. #30
    Joined
    May 2000
    Location
    /home/christop54
    Age
    48
    Posts
    4,430

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Thanks for the replys! A combination of my natural paranoia and not knowing has led to much ado about nothing.

    Quote Originally Posted by Spankin Partier
    But do you even need ssh to be running at all? If you never remotely log into your computer you would be much better off just simply disabling sshd from /etc/init.d.
    I didn't realize/know that commenting out (#) a line in a config file disabled whatever that line did. It's almost embarrassing that I disabled/changed things that were disabled....basically doing nothing. Oh well.

    I don't have a clue as to how to remotely log into my box, so I don't think I need ssh running. Do I need to disable ssh from/in /etc/init.d if my /etc/ssh/sshd_config is all commented out, and the ssh service is disabled? (In FC3 I disabled the ssh service by: From the "start menu" > System Settings > Server Settings > Services and then find ssh and disable it.) Am I correct in saying that disabling sshd from /etc/init.d would prevent sshd from loading during boot? Or am I thinking of another file/directory?

    I just checked /etc/ssh/sshd_config to see if everything is commented out, and found a few things that aren't:

    Code:
    #	$OpenBSD: sshd_config,v 1.69 2004/05/23 23:59:53 dtucker Exp $
    
    # This is the sshd server system-wide configuration file.  See
    # sshd_config(5) for more information.
    
    # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
    
    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented.  Uncommented options change a
    # default value.
    
    #Port 20
    #Protocol 2
    #ListenAddress 0.0.0.0
    #ListenAddress ::
    
    # HostKey for protocol version 1
    #HostKey /etc/ssh/ssh_host_key
    # HostKeys for protocol version 2
    #HostKey /etc/ssh/ssh_host_rsa_key
    #HostKey /etc/ssh/ssh_host_dsa_key
    
    # Lifetime and size of ephemeral version 1 server key
    #KeyRegenerationInterval 1h
    #ServerKeyBits 768
    
    # Logging
    #obsoletes QuietMode and FascistLogging
    #SyslogFacility AUTH
    SyslogFacility AUTHPRIV
    #LogLevel INFO
    
    # Authentication:
    
    #LoginGraceTime 2m
    #PermitRootLogin no
    #StrictModes yes
    #MaxAuthTries 0
    
    #RSAAuthentication yes
    #PubkeyAuthentication yes
    #AuthorizedKeysFile	.ssh/authorized_keys
    
    # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
    #RhostsRSAAuthentication no
    # similar for protocol version 2
    #HostbasedAuthentication no
    # Change to yes if you don't trust ~/.ssh/known_hosts for
    # RhostsRSAAuthentication and HostbasedAuthentication
    #IgnoreUserKnownHosts no
    # Don't read the user's ~/.rhosts and ~/.shosts files
    #IgnoreRhosts yes
    
    # To disable tunneled clear text passwords, change to no here!
    #PasswordAuthentication yes
    #PermitEmptyPasswords no
    PasswordAuthentication yes
    
    # Change to no to disable s/key passwords
    #ChallengeResponseAuthentication yes
    ChallengeResponseAuthentication no
    
    # Kerberos options
    #KerberosAuthentication no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes
    #KerberosGetAFSToken no
    
    # GSSAPI options
    #GSSAPIAuthentication no
    GSSAPIAuthentication yes
    #GSSAPICleanupCredentials yes
    GSSAPICleanupCredentials yes
    
    # Set this to 'yes' to enable PAM authentication, account processing, 
    # and session processing. If this is enabled, PAM authentication will 
    # be allowed through the ChallengeResponseAuthentication mechanism. 
    # Depending on your PAM configuration, this may bypass the setting of 
    # PasswordAuthentication, PermitEmptyPasswords, and 
    # "PermitRootLogin without-password". If you just want the PAM account and 
    # session checks to run without PAM authentication, then enable this but set 
    # ChallengeResponseAuthentication=no
    #UsePAM no
    UsePAM yes
    
    #AllowTcpForwarding yes
    #GatewayPorts no
    #X11Forwarding no
    X11Forwarding yes
    #X11DisplayOffset 10
    #X11UseLocalhost yes
    #PrintMotd yes
    #PrintLastLog yes
    #TCPKeepAlive yes
    #UseLogin no
    #UsePrivilegeSeparation yes
    #PermitUserEnvironment no
    #Compression yes
    #ClientAliveInterval 0
    #ClientAliveCountMax 3
    #UseDNS yes
    #PidFile /var/run/sshd.pid
    #MaxStartups 10
    #ShowPatchLevel no
    
    # no default banner path
    #Banner /some/path
    
    # override default of no subsystems
    Subsystem	sftp	/usr/libexec/openssh/sftp-server
    Looks OK to me, but I thought I post it anyway. Thanks again!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •