Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm not sure if this question belongs here or in the Networking forum. I'm sorry if its in the wrong forum.
After running rkhunter on a (CentOS 3.5) file server I responded to one of its complaints by dropping support for SSH V1. I was surprised next when the nfs connections to clients were all broken. I was unaware the NFS service relies on SSH. However,when I reinstated SSH V1 support the NFS connections came back up again. So apparently it does.
I was surprised because I thought NFS was a plain text protocol without any security. Could someone explain for me how NFS uses SSH?
Thanks
I've seen NFS tunneling through SSH, but I 'm not aware of any distros that use NFS encryption/tunneling by default. Could you explain in more detail the steps you took to disable SSH v1 support. Also, take a look at the output of ps aux and see how sshd is running (ps aux | grep sshd). With ssh tunneling you'll see it running with the port forwarding options.
Yes the steps I took were to stop SSH1 by removing protocol 1 from the line in /etc/ssh/sshd_config below
#Port 22
#Protocol 2,1
That seems to have been sufficient to break nfs
The output of ps aux | grep sshd (after restoring ssh1) is
[root@lance netadmin]# ps aux | grep sshd
root 1668 0.0 0.1 3664 516 ? S Oct02 0:00 /usr/sbin/sshd
root 5725 0.0 0.2 4244 772 pts/0 S 08:14 0:00 vi sshd_config
root 5800 0.0 0.2 3672 660 pts/2 S 08:18 0:00 grep sshd
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.