Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Disabling CBC Cipher mode causes login problems
Top Forums UNIX for Advanced & Expert Users Disabling CBC Cipher mode causes login problems Post 303035137 by Neo on Wednesday 15th of May 2019 05:41:17 AM
Old 05-15-2019
When system admins make sshd config changes to a remote server they do not logout of their working session before they confirm the changes work..

For example, if you are logged into a server and make changes to sshd, you do not log out of that session.

Code:
server:/var/www/ads# ssh me@remote.example.com
me@remove.example.com's password: 
Last login: Thu May  9 08:14:30 2019 from 139.112.217.44
me@remote:~$ sudo -i
[sudo] password for me: 
// make changes to ssh configation
remote:~# service sshd restart

You are still logged to the remote server.

Now try to ssh again from another terminal.

Or alternatively, you can run sshd on another port with another configuration file, for example on some (linux) systems;

Code:
sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-f config_file] [-g login_grace_time] [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]

So, it is not really wise, or at least it is not how I would make sshd changes, to make changes in your config without testing them first.

Code:
sshd  [-f config_file]  [-p port]

You can run and test sshd on any open port you like.
 

9 More Discussions You Might Find Interesting

1. SCO

Disabling root login

Hy, Coud someone tell me how to disable root login via terminal (only from console should be allowed). There is no ssh installed, only telnet. I created a user which will have permission to su to root, but now i don't know where and what to modify to disable root login? SCO OpenServer 5 ... (1 Reply)
Discussion started by: veccinho
1 Replies

2. AIX

Problems with disabling remote root login

Hello! I'm going through security checklist for AIX 5.3 and i just can't disable remote login for root through ssh. What i did: - in /etc/security/user i added a line: rlogin = false which works fine when i try to login through telnet - after installation of openSSH i edited... (3 Replies)
Discussion started by: veccinho
3 Replies

3. AIX

disabling telnet login for root only

Hi, I want to disable telnet login for root only so that other users can telnet? Regards, Manoj (8 Replies)
Discussion started by: manoj.solaris
8 Replies

4. OS X (Apple)

Script Implementation for Disabling Re-Opening Previous Login

Ok guys, I'm just getting back to this amongst several other projects, but I thought I'd re-address it. I'm creating the script to disable windows from the previous login under 10.7. In order to do this it seems I need to create the same script for applications that launch and create the... (6 Replies)
Discussion started by: unimachead
6 Replies

5. Ubuntu

Login Problems when the system is grub mode

Hi Experts, I am using ubuntu.When i am trying to login it is showing grub ..How i can overcome to this problem..Pls reply me ASAP.. Thanks, Sree (1 Reply)
Discussion started by: sree vasu
1 Replies

6. Solaris

Console-login in maintainance mode

I have a v490 server running Solaris 10. Everytime I reboot this machine, the console-login service goes to maintainance mode and I have to provide the root password. All the other dependencies are running fine and nothing there in the logs too. To bring it online, I have to enable it manually. ... (1 Reply)
Discussion started by: aksijain
1 Replies

7. Debian

Disabling emergency and init mode

Hello all friends I recently disable runlevel 1 i want to know , is there any way to disable emergency mode and init mode init mode means if any user pass kernel parameter at grub i.e init=/bin/bash then bash shell appears I want to disable it for security purpose System = Debian 6... (4 Replies)
Discussion started by: rink
4 Replies

8. Linux

Not able to login in graphical mode

Hi Guys After installing my CentOS in virtual machine i am not able to get the graphical mode. By default it is going in TUI mode. Please help how to get the graphical mode by default. I am already in init 5..... Thanks...:wall: (1 Reply)
Discussion started by: deviltech
1 Replies

9. Solaris

Need to disable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm

Hi All Is any one know how to diable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm in solaris 10. Regards (4 Replies)
Discussion started by: amity
4 Replies

LEARN ABOUT X11R4

sftp-server

sftp-server(1M)                                           System Administration Commands                                           sftp-server(1M)

NAME

       sftp-server - SFTP server subsystem

SYNOPSIS

       /usr/lib/ssh/sftp-server

DESCRIPTION

       sftp-server implements the server side of the SSH File Transfer Protocol as defined in the IETF draft-ietf-secsh-filexfer.

       sftp-server is a subsystem for sshd(1M) and must not be run directly. There are no options or config settings.

       To enable the sftp-server subsystem for sshd add the following to /etc/ssh/sshd_config:

       Subsystem   sftp     /usr/lib/ssh/sftp-server

       See sshd_config(4) for a description of the format and contents of that file.

       There is no relationship between the protocol used by sftp-server and the FTP protocol (RFC 959) provided by in.ftpd.

EXIT STATUS

       The following exit values are returned:

       0        Successful completion.

       >0       An error occurred.

FILES

       /usr/lib/sftp-server

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWsshdu                    |
       +-----------------------------+-----------------------------+
       |Interface Stability          |Evolving                     |
       +-----------------------------+-----------------------------+

SEE ALSO

       sftp(1), ssh(1), ssh-add(1), ssh-keygen(1), sshd(1M), sshd_config(4), attributes(5)

       To  view  license  terms,  attribution,  and  copyright  for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the
       Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed
       location.

AUTHOR

       Markus Friedl

SunOS 5.10                                                          30 Jul 2003                                                    sftp-server(1M)
All times are GMT -4. The time now is 09:22 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy