I'm currently trying to secure a LAMP server (Slackware 10.1) and have plenty of questions.
This thread has some questions about SSHD.
What can SSHD do for me? One of the things, as I understand it, is providing a secure 'kind of telnet' where the communication is encrypted (so it cannot be snooped).
I have the feeling that it can do other things (reading between the lines of man pages etc). If so, what?
If it does encrypted communication, how does it work? I understand that there are some negotiations before a session_key is generated and used by the two parties?
What prevents an attacker from snooping (and understanding) those negotiations, and as a result getting the session_key and being able to decrypt the communication?
A newbie-friendly link is fine (I could not find one).
Everywhere I fall over the term fingerprint. E.g. when I connect the first time to the SSHD, PuTTY (a Windows SSH client) tells me something along the lines of "it can't verify the fingerprint and if it can trust it".
Where can I find the fingerprint of my SSHD (or how can I calculate it)? I've looked in the files in /etc/ssh, but don't seem to be able to find it. As I could not find it, I assume it's a checksum/hash type of value which one might be able to calculate.
Is there a difference between 'PermitRootLogin no' and 'DenyUsers root' in the sshd_config?
PS I modified sshd_config to only allow protocol 2.
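
Added example, not part of the original post: a host key fingerprint is a hash of the base64-decoded key blob stored in the server's public host key file (a `.pub` file), shown either as colon-separated MD5 (older clients) or as `SHA256:` plus unpadded base64 (current OpenSSH). The key line below is constructed from dummy bytes and the function names are hypothetical.

```python
import base64
import hashlib
import struct


def make_sample_pubkey_line():
    """Constructed sample, not a real host key: an ssh-ed25519 line from dummy bytes."""
    key_type = b"ssh-ed25519"
    raw_key = bytes(range(32))  # dummy 32-byte public key
    blob = (struct.pack(">I", len(key_type)) + key_type
            + struct.pack(">I", len(raw_key)) + raw_key)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " root@example"


def host_key_fingerprints(pubkey_line):
    """Return the MD5 and SHA256 fingerprints of one line of a host key .pub file."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    declared_type, b64_blob = fields[0], fields[1]
    blob = base64.b64decode(b64_blob, validate=True)

    # The blob starts with a length-prefixed key type; it must match the
    # type named in the text field, otherwise the line is corrupt or altered.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    embedded_type = blob[4:4 + name_len]
    if embedded_type != declared_type.encode():
        raise ValueError("key type in blob does not match declared type")

    # The fingerprint is a hash of the decoded blob only (the comment is ignored).
    md5_hex = hashlib.md5(blob).hexdigest()
    md5_fp = ":".join(md5_hex[i:i + 2] for i in range(0, 32, 2))
    sha256_b64 = base64.b64encode(hashlib.sha256(blob).digest()).decode()
    return {"type": declared_type,
            "md5": md5_fp,
            "sha256": "SHA256:" + sha256_b64.rstrip("=")}


if __name__ == "__main__":
    for name, value in host_key_fingerprints(make_sample_pubkey_line()).items():
        print(f"{name}: {value}")
```

On the server itself, OpenSSH's `ssh-keygen -l -f <file>` prints the fingerprint of a real key file, which can then be compared with what the client shows on first connect.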