This tip won’t be useful for everybody, but for anybody with a dedicated server you’ll probably be familiar with this error message that gets sent weekly from the security scanner on your server.
The error email I get from “watchdog” once a week looks like this:
Security scanning generated the following warnings (the full scanning log
is available at /var/log/rkhunter.log):
[01:01:51] ————————- Security advisories ————————-
[01:01:52] Warning: SSH version 1 possible allowed!
To fix this problem, we’ll need to edit the sshd_config file, which is the main configuration file for the sshd service. The location will sometimes be different, but it’s usually in /etc/ssh/. Open the file up while logged on as root.
note: Be careful, if you screw this up you won’t be able to ssh to your server anymore…
Find this section in the file, containing the line with “Protocol” in it. Here’s where the problem is… we need to explicitly tell the sshd service to only use version 2.
If the line is commented out or has both 2,1 in it, you’ll need to make it look like this (leave the other lines alone)
Now you’ll need to restart the sshd service:
You shouldn’t get those error emails anymore.
Programmer by day, geek by night, The Geek, also known as Lowell Heddings, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on Google+ if you'd like.
- Published 09/25/07