[sllug-members]: How does one properly implement OpenSSH?

Kyle Waters unum at unum5.org
Tue Mar 25 08:54:26 MST 2008 

Nathan Lane wrote:
> You're right, I am using Windows - and I know it's a Linux Users 
> Group, but I know Linux, and I know Windows, 
I think he was mostly commenting because we all assumed you were you 
were using Linux which made some of your questions seem really odd.  So 
if you want support for free software products in Windows I think that 
is ok, you should just clarify that in your first post, because the 
answers can be really different.

> and OpenSSH is a linux product that was ported to Windows, also, it 
> will be a Linux server soon.  
I think OpenSSH was originally developed on BSD actually, but it is a 
F/OSS program.

> Thanks for the correction - I am installing it, not implementing it, 
> although in a Linux environment I'd argue that most programs are 
> implemented by users because it is often the case that one must 
> compile the program on his own system.  
Really?  I rarely compile the software on my own GNU/Linux system.  I 
use dselect to install software 99.9% of the time.

> Anyway, so I'm going to try removing the space from my user account 
> and see if that works.  Thanks for the suggestions and help.

If that doesn't work you should share with us how you have installed 
openssh.  Are you using cygwin or is there a port that runs openssh as a 
service?

Now as for security a lot of people I know like to use the RSA keys and 
only connect from a few computer that they can copy the key to.  Or they 
carry the RSA key around on a USB drive.  Only allowing RSA keys will 
protect you from password guessing(I use RSA keys in situations where I 
connect between certain computers a lot because I'm lazy and get sick of 
typing the password).  Using a different port will protect you again the 
daily brute force attempts I've seen on against some of my servers in 
the past, but some people will still find your ssh service and run brute 
force attempts(as well as other security exploits).  To protect againts 
brute force attempts, I use my firewall to prevent more than two 
password guesses in a minute.

Kyle

More information about the sllug-members mailing list