[deployment-guide/comm-rel: 27/41] Updated the Requiring SSH for Remote Connections section.
dsilas
dsilas at fedoraproject.org
Fri Jul 16 08:54:09 UTC 2010
commit 5913dd63921ae7ee9ff8f0aaf9c778d161df21dd
Author: Jaromir Hradilek <jhradile at redhat.com>
Date: Wed Jul 14 12:41:49 2010 +0200
Updated the Requiring SSH for Remote Connections section.
en-US/OpenSSH.xml | 35 ++++++++---------------------------
1 files changed, 8 insertions(+), 27 deletions(-)
---
diff --git a/en-US/OpenSSH.xml b/en-US/OpenSSH.xml
index b5e6ad2..252b593 100644
--- a/en-US/OpenSSH.xml
+++ b/en-US/OpenSSH.xml
@@ -521,36 +521,17 @@ It is also possible that the RSA host key has just been changed.</screen>
<secondary>requiring for remote login</secondary>
</indexterm>
<para>
- For SSH to be truly effective, using insecure connection protocols, such as Telnet and FTP, should be prohibited. Otherwise, a user's password may be protected using SSH for one session, only to be captured later while logging in using Telnet.
+ For SSH to be truly effective, using insecure connection protocols should be prohibited. Otherwise, a user's password may be protected using SSH for one session, only to be captured later while logging in using Telnet. Some services to disable include <command>telnet</command>, <command>rsh</command>, <command>rlogin</command>, and <command>vsftpd</command>.
</para>
<para>
- Some services to disable include:
+ To disable these services, type the following commands at a shell prompt:
</para>
- <itemizedlist>
- <listitem>
- <para>
- <command>telnet</command>
- </para>
- </listitem>
- <listitem>
- <para>
- <command>rsh</command>
- </para>
- </listitem>
- <listitem>
- <para>
- <command>rlogin</command>
- </para>
- </listitem>
- <listitem>
- <para>
- <command>vsftpd</command>
- </para>
- </listitem>
- </itemizedlist>
- <para>To disable insecure connection methods to the system, use the command line program <command>chkconfig</command>, the ncurses-based program <application>/usr/sbin/ntsysv</application>, or the <application>Services Configuration Tool</application> (<command>system-config-services</command>) graphical application. All of these tools require root level access.</para>
- <para lang="en-US,as-IN,bn-IN,gu-IN,hi-IN,kn-IN,ml-IN,mr-IN,or-IN,pa-IN,si-LK,ta-IN,te-IN">
- For more information on runlevels and configuring services with <command>chkconfig</command>, <application>/usr/sbin/ntsysv</application>, and the <application>Services Configuration Tool</application>, refer to <xref linkend="ch-Controlling_Access_to_Services" />.
+ <screen>~]# <command>chkconfig telnet off</command>
+~]# <command>chkconfig rsh off</command>
+~]# <command>chkconfig rlogin off</command>
+~]# <command>chkconfig vsftpd off</command></screen>
+ <para>
+ For more information on runlevels and configuring services in general, refer to <xref linkend="ch-Controlling_Access_to_Services" />.
</para>
</section>
</section>
More information about the docs-commits
mailing list