Show Table of Contents
20.6. Requiring SSH for Remote Connections
For SSH to be truly effective, using insecure connection protocols, such as Telnet and FTP, should be prohibited. Otherwise, a user's password may be protected using SSH for one session, only to be captured later while logging in using Telnet.
Some services to disable include:
To disable insecure connection methods to the system, use the command line program
chkconfig, the ncurses-based program /usr/sbin/ntsysv, or the Services Configuration Tool (
system-config-services) graphical application. All of these tools require root level access.
For more information on runlevels and configuring services with
chkconfig, /usr/sbin/ntsysv, and the Services Configuration Tool, refer to the chapter titled Controlling Access to Services in the System Administrators Guide.