[WBEL-users] SSH Info

Kirby Bohling kbohling@birddog.com
Thu, 12 Aug 2004 19:29:26 -0500 

On Fri, Aug 13, 2004 at 10:20:50AM +1000, Graham Waring wrote:
> G'day all,
> 
> Yes, good call to temporarily enable telnet when changing the sshd_config 
> if you are not local to the box, I have done so in the past and it saved me 
> a trip back to the office.  Another trick I use in preference of that 
> though is to go in with webmin (via https of course) and restart the sshd 
> daemon.

service sshd condrestart

You should always do that if you're remote.  It'll run "ssd -t"
which should sanity check your ssh client.  Furthermore, if you are
ssh'ed in, do not close your connection.  I always open 3-3
connections if I'm worried about ssh changes.  Just in case a
console locks up or something else silly happens.

	Kirby


> 
> Cheers
> Graham
> 
> 
> >From: Ed <ekg@tricity.wsu.edu>
> >Reply-To: ekg@tricity.wsu.edu
> >To: emorrison@ncen.org
> >CC: White Box Users <whitebox-users@beau.org>
> >Subject: Re: [WBEL-users] SSH Info
> >Date: Thu, 12 Aug 2004 16:56:56 -0700
> >
> >Ed Morrison wrote:
> >>Hi Ed,
> >>
> >>I actually did that but it didn't change anything with how ssh works.  I
> >>can still login and use ssh1.
> >
> >Hey Ed,
> >Perversely, sshd will *not* restart if you're logged in using ssh.  You 
> >can however make a shell script with stops sshd, and then restarts it.
> >I'm not sure I'd try this unless I could get someone to restart the 
> >service locally just in case.  Or you could temporarily enable telnet so 
> >you have a "plan B".
> >
> >remhost$ at now + 1 minute
> >at> service sshd stop
> >at> servies sshd start
> >remhost$ logout
> >localhost$ (wait a minute)
> >localhost$ ssh remhost
> >
> >
> >  Ed
> >
> >
> >>
> >>On Thu, 2004-08-12 at 15:24, Ed wrote:
> >>
> >>>Ed Morrison wrote:
> >>>
> >>>>Hi Everyone,
> >>>>
> >>>>I'm looking to tighten down my servers some more and I would like to
> >>>>find a good ssh How to:/step guide for disabling ssh1 and implementing
> >>>>keys.
> >>>
> >>>in sshd_config:
> >>>Protocol 2
> >>
> >>
> >>Port 22
> >>Protocol 2
> >>#ListenAddress 0.0.0.0
> >>#ListenAddress ::
> >>
> >>
> >>
> >>>If someone could send some links my way it would be appreciated.
> >>>
> >>>>Thanks,
> >>>>Ed