Lowell HeddingsThis tip won’t be useful for everybody, but for anybody with a dedicated server you’ll probably be familiar with this error message that gets sent weekly from the security scanner on your server.
The error email I get from “watchdog” once a week looks like this:
Security scanning generated the following warnings (the full scanning log
is available at /var/log/rkhunter.log):[01:01:51] ————————- Security advisories ————————-
[01:01:52] Warning: SSH version 1 possible allowed!
To fix this problem, we’ll need to edit the sshd_config file, which is the main configuration file for the sshd service. The location will sometimes be different, but it’s usually in /etc/ssh/. Open the file up while logged on as root.
note: Be careful, if you screw this up you won’t be able to ssh to your server anymore…
vi /etc/ssh/sshd_config
Find this section in the file, containing the line with “Protocol” in it. Here’s where the problem is… we need to explicitly tell the sshd service to only use version 2.
#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
If the line is commented out or has both 2,1 in it, you’ll need to make it look like this (leave the other lines alone)
Protocol 2
Now you’ll need to restart the sshd service:
/etc/init.d/sshd restart
You shouldn’t get those error emails anymore.
- › The Framework Laptop 16 Has an Upgradeable GPU
- › What Is a Discord Token, and How Do You Get One?
- › Did Your Code Project Just Break? It Might Be GitHub’s Fault
- › Where Do Weather Apps Get Their Info From?
- › Grab a 256GB Surface Laptop Go 2 for Just $550 Today
- › Microsoft PowerPoint Has a New List Feature on the Web
