[WBEL-users] does anyone have any suggestions for setting up a
remote SSH server using WB 3.0?
Benjamin J. Weiss
Benjamin J. Weiss" <firstname.lastname@example.org
Wed, 29 Sep 2004 12:42:45 -0500 (CDT)
On Wed, 29 Sep 2004, Van Loggins wrote:
> I need to make it as secure as possible.
> I currently have a old Celeron 700 MHz system running Fedora Core 1
> working as a remote SSH server, but since fedora has dropped official
> support for it, and I keep getting numerous attempts to log into the
> system using nonexistant accounts from different IP addresses
> (unsuccessful so far), I feel that I need something more secure.
> I'm replacing the large clunky Celeron 700 MHz system with a much more
> streamlined Mini-Itx system, this way I take up less cabinet space, and
> get the same performance. I have loaded the unit with WhiteBox Linux 3.0
> and it seems to work very well on it. The unit has a Epia Via C3 800 MHz
> processor, 128 megs of ram, and a 4.3 gig laptop hard drive. No CD-Rom
> or Floppy. I used a USB CD-RW drive to install WB 3.0 onto it.
> The system needs to be configured to allow 3 different people to connect
> into it from any IP address on the internet, absolutely no SSH root
> Access (authorized users will use su to switch to root if needed), and
> if possible I would like to configure the system so that it will drop an
> ip address using iptables if more than 4 or 5 attempts are made from it
> to log into the system using either a nonexistant account or as root.
> Also the old system is configured not to allow X to work through SSH, so
> I plan on setting the new system up the same way
> The new system also does not have X installed or configured
> any suggestions you can offer me on ways to accomplish my goal are most
One thing that you should do is to change the Protocol 2,1 line to only
have protocol 2. Protocol 1 has some nasty holes in it. Don't forget to
restart the sshd service afterwards.