From: "Andrey Falko" <ma3oxuct@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] ssh configuration guide
Date: Thu, 9 Oct 2008 09:38:06 -0700 [thread overview]
Message-ID: <350fc7cf0810090938x1da55a63ra5ebadc5693b423b@mail.gmail.com> (raw)
In-Reply-To: <48EDBB69.8010807@englobe-tec.com>
On Thu, Oct 9, 2008 at 1:06 AM, David Rioja <rams@englobe-tec.com> wrote:
> This is my very first post to the list, so hello you all :)
>
> I've been editing /etc/ssh/sshd_config in order to configure SSH as told in
> the guide at gentoo.org. The options you have to set for a quick start
> configuration are:
>
> Port 22
> Protocol 2
> ServerKeyBits 2048
> SyslogFacility AUTH
> LogLevel INFO
> LoginGraceTime 60
> PermitRootLogin no
> RSAAuthentication no
> PubkeyAuthentication yes
> PasswordAuthentication no
> PermitEmptyPasswords no
> PAMAuthenticationViaKbdInt no
> Compression yes
> KeepAlive yes
> ClientAliveInterval 30
> ClientAliveCountMax 4
>
>
> I have encountered two issues in that:
>
> 1.- When restarting the sshd service you are told PMAAuthenticationViaKbdInt
> is deprecated.
>
> 2.- KeepAlive is not commented in the default configuration file, there is
> TCPKeepAlive instead. I suppose same options are the same. Could anyone
> confim that?
>
> Thanks!
>
>
If you want are truely quick start configuration, you should use the
defaults that get installed after you install ssh. Basically, thost
default will give you a working ssh that is secure and that is more
than likely to work out of box.
I'm not sure which Gentoo quickstart guide you are following, but it
is an out of date guide. I recommend emerge -1 openssh, then running
etc-update and applying the default configuration. Your goal is to get
a basic working ssh daemon, right?
next prev parent reply other threads:[~2008-10-09 16:38 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-10-09 8:06 [gentoo-user] ssh configuration guide David Rioja
2008-10-09 16:38 ` Andrey Falko [this message]
2008-10-10 7:35 ` David Rioja
2008-10-11 0:08 ` Eric Martin
2008-10-10 6:09 ` Stroller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=350fc7cf0810090938x1da55a63ra5ebadc5693b423b@mail.gmail.com \
--to=ma3oxuct@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox