18.6. Requiring SSH for Remote Connections
For SSH to be truly effective, using all insecure connection protocols,
such as Telnet and FTP should be prohibited. Otherwise, a user's
password may be protected using SSH for one session, only to be captured
later while logging in using Telnet.
Some services to disable include:
To disable insecure connection methods to the system, use the command
line program chkconfig, the ncurses-based program
ntsysv, or the graphical application
Services Configuration Tool
(redhat-config-services). All of these tools require
For more information on runlevels and configuring services with
chkconfig, ntsysv, and
Services Configuration Tool, refer to the chapter titled
Controlling Access to Services in the
Red Hat Linux Customization Guide.