HPE Community
Operating System - HP-UX
1822009 Members
3978 Online
109639 Solutions
New Discussion юеВ

Preventing putty.exe from accessing the system

 
Kristopher March
Regular Advisor

тАО06-03-2002 05:20 AM

тАО06-03-2002 05:20 AM

Preventing putty.exe from accessing the system

Is there a way to prevent putty.exe from connecting to our systems?

I have Ssh1AgentCompatibility set to none in my /etc/ssh2/ssh2config file. Then I do a kill -HUP on the ssh process.

That doesn't seem to give me what I what.
"This ain't no burger flippin job!"
0 Kudos
Reply
7 REPLIES 7
Craig Rants
Honored Contributor

тАО06-03-2002 05:27 AM

тАО06-03-2002 05:27 AM

Re: Preventing putty.exe from accessing the system

To prevent access to your server you need to modify the sshd.config file. The ssh2config only affects ssh attempts leaving your server. And since putty is a windows client...

Anyway there are few ways to do this
add this:
DenyHosts IPOFPUTTYBOX
or add this:
Protocol 2 (this usually is Protocol 2,1)
or comment out this:
# HostKey for protocol version 1
# HostKey /opt/openssh2/etc/ssh_host_key

One of these should work for you.

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Kristopher March
Regular Advisor

тАО06-03-2002 05:33 AM

тАО06-03-2002 05:33 AM

Re: Preventing putty.exe from accessing the system

I forget to mention that I am running F-secure v3.0.1

And I don't know if that makes any difference.
I'm looking for other ssh config files.
"This ain't no burger flippin job!"
0 Kudos
Reply
Kristopher March
Regular Advisor

тАО06-12-2002 07:20 AM

тАО06-12-2002 07:20 AM

Re: Preventing putty.exe from accessing the system

...still not able to prevent putty.exe from accessing our system.

I have everything referencing Sshd1 set to no or none.
Restarting sshd after every change and still not getting what I need.

Anyone else have some ideas?
"This ain't no burger flippin job!"
0 Kudos
Reply
Thomas D. Harrison
Frequent Advisor

тАО06-12-2002 10:04 AM

тАО06-12-2002 10:04 AM

Re: Preventing putty.exe from accessing the system

Is it possible that PuTTY is using SSH2? You can tell by:

ooo click on the name of a Saved Session
ooo and then on
ooo Click on the SSH category on the left.
ooo This screen should tell you if the preferred protocol is SSH1 or SSH2.

I can't really think of any way that the HP box could distinguish between clients if they both use the same protocol.
Imbibo ergo sum.
0 Kudos
Reply
Kristopher March
Regular Advisor

тАО06-12-2002 10:12 AM

тАО06-12-2002 10:12 AM

Re: Preventing putty.exe from accessing the system

When testing, I select to connect in with the Ssh1 protocol. It works. I don't know if it just defaults back to protocol 2 if protocol fails fails or not.
"This ain't no burger flippin job!"
0 Kudos
Reply
Bill Thorsteinson
Honored Contributor

тАО06-13-2002 07:31 AM

тАО06-13-2002 07:31 AM

Re: Preventing putty.exe from accessing the system

Putty does support SSH2,
which is why I switched to it.

If you want to prevent putty
from connecting to the system
from anywhere shut down SSH.
However, I don't recommend
shutting down SSH.

I have seen some releases of
SSH respond with a password
prompt to SSH1 connections
when SSH1 was disabled. The
correct password did not
provice access.

Check the authorized_keys
files and see if the user
is listed in any of them.

On HPUX 11.x I believe you
can use tcpwrappers to limit
the addresses that can
connect to your server.

You may also be able restict
access on the network router
0 Kudos
Reply
Santosh Nair_1
Honored Contributor

тАО06-13-2002 07:42 AM

тАО06-13-2002 07:42 AM

Re: Preventing putty.exe from accessing the system

Another place to check whats going is to righ-click on the menu bar on your putty session and select "Event Log". This will show the negotiations between the client (PuTTy) and the server (sshd). Hope this helps.

-Santosh
Life is what's happening while you're busy making other plans
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.