This tip won’t be useful for everybody, but for anybody with a dedicated server you’ll probably be familiar with this error message that gets sent weekly from the security scanner on your server.

The error email I get from “watchdog” once a week looks like this:

Security scanning generated the following warnings (the full scanning log
is available at /var/log/rkhunter.log):

[01:01:51] ————————- Security advisories ————————-
[01:01:52] Warning: SSH version 1 possible allowed!

To fix this problem, we’ll need to edit the sshd_config file, which is the main configuration file for the sshd service. The location will sometimes be different, but it’s usually in /etc/ssh/. Open the file up while logged on as root.

note: Be careful, if you screw this up you won’t be able to ssh to your server anymore…

vi /etc/ssh/sshd_config

Find this section in the file, containing the line with “Protocol” in it. Here’s where the problem is… we need to explicitly tell the sshd service to only use version 2.

#Port 22
#Protocol 2,1
#ListenAddress ::

If the line is commented out or has both 2,1 in it, you’ll need to make it look like this (leave the other lines alone)

Protocol 2

Now you’ll need to restart the sshd service:

/etc/init.d/sshd restart

You shouldn’t get those error emails anymore.

Profile Photo for Lowell Heddings Lowell Heddings
Lowell is the founder and CEO of How-To Geek. He’s been running the show since creating the site back in 2006. Over the last decade, Lowell has personally written more than 1000 articles which have been viewed by over 250 million people. Prior to starting How-To Geek, Lowell spent 15 years working in IT doing consulting, cybersecurity, database management, and programming work.
Read Full Bio »