Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I would like to Thank Everyone that helped me out with this issue we did manage to resolve it as i mentioned before by using TCP Wrapper by allowing only my ip range in SSH and it has fixed the problem since i have not recieved any issues now with SSH.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Quote:
Originally Posted by punjabipredator
I asked my support about putty before you mentioned it because i heard from somewhere that it can generate they key and they said the following to me
The key can be generated on a system with Openssh running as you have to use the ssh -keygen to generate the key.You may use a linux machine with Openssh running in it.The key generation cannot be done in putty
That support person is ignorant. The puttygen program can create public & private keys and you can just copy & paste the output from the top of the window into your Linux box, since it's OpenSSH format (PuTTY does not save it's files in OpenSSH format, but when you generate a key it shows you the OpenSSH public key output).
Note that the putty.exe program does not generate keys, it's the puttygen.exe program. If you only downloaded putty.exe instead of the full installer, then you do not have puttygen.exe.
That support person is ignorant. The puttygen program can create public & private keys and you can just copy & paste the output from the top of the window into your Linux box, since it's OpenSSH format (PuTTY does not save it's files in OpenSSH format, but when you generate a key it shows you the OpenSSH public key output).
Note that the putty.exe program does not generate keys, it's the puttygen.exe program. If you only downloaded putty.exe instead of the full installer, then you do not have puttygen.exe.
I will try it out when i have alot of spare time. Thank You Chort.
The attacks have stopped with the ip range on the SSH i noticed i did get any users trying to break into my server today.
Last edited by punjabipredator; 12-26-2006 at 10:12 PM.
You can also install cygwin/x on your windows machine. Then you can use ssh-keygen, and ssh itself to connect to a remote server. You could also use "ssh -X" to be able to run a gui program remotely, but read up on security first. I don't think the udp packets will travel through the tunnel.
The key can be generated on a system with Openssh running as you have to use the ssh -keygen to generate the key.You may use a linux machine with Openssh running in it.The key generation cannot be done in putty.
Create the key with puttygen. Putty will show you the key to paste into your authorized_keys file.
As far as securing SSH access:
- Limit client sources if possible
- Limit accounts that can login
- Force key authentication to eliminate brute force attacks
- Throttle incoming connections
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.