Where do I go to allow RFB and ssh connections in MDK 9.2?
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Where do I go to allow RFB and ssh connections in MDK 9.2?
I have a system set up on a network for remote administration with security set one below paranoid. Where do I need to enable access for RFB and ssh fro me to be able to connect to these services? I have already DMZ'ed the server on the router and Shorewall is running pretty darn tight.
Thanks. I am heading out to that remote location today to give this a try. Hopefully all goes well. Is there any other possible configs I need to edit to make this go? Just want to cover all bases before heading out. Thanks again.
I like to disallow root access through SSH so you have to connect as a regular user and then su - to do any admin work. This stop brute force password attacks on root. Even if they get the password, the get the same error message as if the wrrng password was entered. To do this, edit /etc/ssh/sshd_config and make sure these lines are in your file:
Port 22
Protocol 2 <-- This is important!
SyslogFacility AUTHPRIV
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin no <-- This is the one for root denial!
I add the Banner line and it displays the contents of /etc/ssh/ssh_banner file when users attempt to login. Mine says something like:
Code:
This system is for use only by authorized XYZ Company IS employees!
By completing the log in process, you agree to the following terms:
You are an IS Dept. employee of XYZ Company and are authorized to use this system.
All actions may be logged, monitored and reported.
IP & MAC addresses are logged.
Ooops, I lied! They do not get the same error message, they just get disconnected... Still they can not login as root.
ssh root@test
This system is for use only by authorized XYZ IS employees!
By completing the log in process, you agree to the following terms:
You are an IS Dept. employee of XYZ and authorized to use this system.
All actions may be logged, monitored and reported.
IP & MAC addresses are logged.
root@test's password:
Read from remote host everest: Connection reset by peer
Connection to test closed.
Can anyone think of any other places that might be blocking my connection? I tried to connect to both RFB and SSH and both connections are still denied. I vaguely remember one other place you have to allow connections other than /etc/shorewall/rules when MDK security is set to high. Can anyone please refresh my memory?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.