Comments on: How to fix your hackable SSH on Debian and Ubuntu Servers http://www.mattgibson.ca/2008/05/15/how-to-fix-your-hackable-ssh-on-debian-and-ubuntu-servers/ I'm one of those people radio shows call for obscure shit. Tue, 31 Aug 2010 07:35:54 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Christopher DeMarco http://www.mattgibson.ca/2008/05/15/how-to-fix-your-hackable-ssh-on-debian-and-ubuntu-servers/comment-page-1/#comment-771 Christopher DeMarco Thu, 15 May 2008 20:11:28 +0000 http://www.mattgibson.ca/archives/107#comment-771 This only fixes connections from this host to others. Inbound connections are still problematic! You need to edit your /etc/ssh/sshd_config file, and set these options: RSAAuthentication no PubkeyAuthenticatio no Then remove the .ssh/authorized_keys and authorized_keys2 files in EVERY USER's HOME DIRECTORY. (cut -d: -f6 < /etc/passwd) . After that, you can flip those sshd_config options back on. NOW you're safe! This only fixes connections from this host to others. Inbound connections are still problematic!

You need to edit your /etc/ssh/sshd_config file, and set these options:

RSAAuthentication no
PubkeyAuthenticatio no

Then remove the .ssh/authorized_keys and authorized_keys2 files in EVERY USER’s HOME DIRECTORY. (cut -d: -f6 < /etc/passwd) .

After that, you can flip those sshd_config options back on.

NOW you’re safe!

]]>