Chapter 5 Securing the Server
2. Use the shownetwork command to validate that all the network modifications
were implemented.
For information about using the Sun Security Toolkit to create secure configurations
for servers running the Solaris Operating System, see the following web site:
http://www.sun.com/software/security/jass
Selecting a Remote Connection Type
The SSH and Telnet services on the system controller are disabled by default.
Enabling SSH
If the system controller is on a general-purpose network, you can ensure secure
remote access to the system controller by using SSH rather than Telnet. SSH encrypts
data flowing between host and client. SSH provides authentication mechanisms that
identify both hosts and users, enabling secure connections between known systems.
Telnet is fundamentally insecure because the Telnet protocol transmits information,
including passwords, unencrypted.
Note – SSH does not help with FTP, HTTP, SYSLOG, or SNMPv1 protocols. These
protocols are insecure and should be used cautiously on general-purpose networks.
The system controller provides limited SSH functionality, supporting only SSH
version 2 (SSHv2) client requests. TABLE 5-1 identifies the various SSH server
attributes and describes how the attributes are handled in this subset. These
attribute settings are not configurable.
TABLE 5-1 SSH Server Attributes
Attribute            Example Values   Comment
Protocol             2                Supports only SSH v2
Port                 22               Listening port
ListenAddress        0.0.0.0          Supports multiple IP addresses
AllowTcpForwarding   no               Port forwarding not supported
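
One way to confirm from a management host that an SSH server honors the Protocol 2 row of TABLE 5-1 is to check the identification string it sends on connect (RFC 4253: "2.0" means SSHv2 only, "1.99" means SSHv1 clients are also accepted). This is an added example, not part of the original guide; the function names and the ExampleSSH banners are constructed for illustration.

```python
import socket

def parse_ssh_banner(raw: bytes):
    """Return (protoversion, softwareversion) from an SSH identification exchange.

    RFC 4253 section 4.2: the server may send other lines first; the
    identification line starts with "SSH-" and is at most 255 bytes with CR LF.
    """
    for line in raw.split(b"\n"):
        line = line.rstrip(b"\r")
        if not line.startswith(b"SSH-"):
            continue  # pre-banner text, ignored per the RFC
        if len(line) > 253:  # 255 including CR LF
            raise ValueError("identification string too long")
        # Drop the optional comment after the first space, then split the fields.
        parts = line.decode("ascii", "replace").split(" ", 1)[0].split("-", 2)
        if len(parts) != 3 or not parts[1] or not parts[2]:
            raise ValueError("malformed identification string")
        return parts[1], parts[2]
    raise ValueError("no SSH identification string found")

def protocol_finding(raw: bytes) -> str:
    """Classify a banner against the 'Protocol 2' row of TABLE 5-1."""
    proto, _software = parse_ssh_banner(raw)
    if proto == "2.0":
        return "ok: SSHv2 only"
    if proto == "1.99":
        return "fail: server also accepts SSHv1 clients"
    if proto.startswith("1."):
        return "fail: SSHv1 only"
    return "fail: unknown protocol version " + proto

def read_banner(host: str, port: int = 22, timeout: float = 5.0) -> bytes:
    """Read the identification bytes from a live server (not called below)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        return s.recv(1024)

# Constructed sample banners, not captured from a real system controller.
SAMPLES = {
    "v2-only": b"SSH-2.0-ExampleSSH_1.0\r\n",
    "compat": b"Authorized use only\r\nSSH-1.99-ExampleSSH_1.0 legacy\r\n",
    "v1-only": b"SSH-1.5-ExampleSSH_0.9\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, "->", protocol_finding(raw))
```

To audit a live system, pass the bytes returned by read_banner() for the system controller's address to protocol_finding().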