[Macpartners] Fwd: Configuring Mac OS X to disable SSH v1...
Ginny Williams
ginnyw at MIT.EDU
Thu Nov 13 10:35:23 EST 2003
FYI.
ginny
--- begin forwarded text
X-Sieve: CMU Sieve 2.2
To: abcd-mac at abcd.harvard.edu, MIT OS X Help Help <macosx-help at mit.edu>
From: Eric Zelman <zelman at apple.com>
Subject: Configuring Mac OS X to disable SSH v1...
Date: Wed, 12 Nov 2003 22:09:28 -0500
X-Mailer: Apple Mail (2.606)
X-Spam-Score: -1.8
X-Spam-Flag: NO
X-Scanned-By: MIMEDefang 2.28 (www . roaringpenguin . com / mimedefang)
Folks-
This has been brought to my attention by several people, so please
read if you are using SSH to connect to your Mac-
>Version 1 of the SSH protocol has security vulnerabilities, but is
>enabled by default in OS X (including Panther). To eliminate the
>vulnerabilities, the SSH configuration must be changed so that only
>version 2 of the SSH protocol is enabled. Here's how to do that:
>
>1. Using sudo in Terminal, edit the file /etc/sshd_config. For
>example, if you're using vi, enter:
> sudo vi /etc/sshd_config
>(Any text editor can be used.)
>
>2. Locate the line:
> #Protocol 2,1
>It should be near the top of the file. Uncomment the line, and
>remove version 1 from it:
> Protocol 2
>
>3. Save the file.
>
>4. For the change to take effect, sshd must be restarted (if you're
>running it). One way to do that is to go to the "Sharing" System
>Preferences panel, disable Remote Login, wait for it to say "Remote
>Login Off", the enable Remote Login again.
Eric Zelman
Systems Engineer
Apple
68 Mt. Hope Ave.
Providence, RI 02906
zelman at apple.com
AppleCare Support
http://search.apple.com/
Apple Higher Education
http://www.apple.com/education/hed/
Apple Store for Education
http://www.apple.com/education/store/
--- end forwarded text
More information about the Macpartners
mailing list