DSM-G600, DNS-3xx and NSA-220 Hack Forum

Unfortunately no one can be told what fun_plug is - you have to see it for yourself.

#1 2010-11-15 15:31:29

bound4h
Member
Registered: 2010-04-12
Posts: 209

Can "nobody" login to ssh?

I have 5 users on my DNS323, and I'm wondering which ones can login via SSH.  I have:

root
admin
nobody
myftpuser
sshd

Can nobody log in via ssh?  I try to log in, but it asks for a pw.  What is nobody's pw?  Also, is admin the admin user that is for the web interface?  Can it log in via ssh as well?

I've had attacks on port 22 (open) so I'm just trying to determine which accounts are accessible and which are not via SSH.

Thanks

#2 2010-11-15 16:49:46

bjby
Member
Registered: 2009-02-22
Posts: 265

Re: Can "nobody" login to ssh?

http://man-wiki.net/index.php/5:sshd_config

    AllowUsers
            This keyword can be followed by a list of user name patterns,
            separated by spaces.  If specified, login is allowed only for
            user names that match one of the patterns.  `*' and `?' can be
            used as wildcards in the patterns.  Only user names are valid; a
            numerical user ID is not recognized.  By default, login is
            allowed for all users.  If the pattern takes the form USER@HOST
            then USER and HOST are separately checked, restricting logins to
            particular users from particular hosts.

#3 2010-11-15 22:37:07

bound4h
Member
Registered: 2010-04-12
Posts: 209

Re: Can "nobody" login to ssh?

Thanks.  But which of the above MUST have access via ssh?  Does "nobody" need ssh access?  How about "sshd"?

Also, can I just restrict all incoming attempts to connect from either 192.168.*.* plus one other external IP?  I can't find where I can do this.

Last edited by bound4h (2010-11-15 22:37:41)

#4 2010-11-17 17:34:22

hell0
Member
From: .de
Registered: 2008-05-13
Posts: 81

Re: Can "nobody" login to ssh?

First, install a new port 22 because your old one got attacked and probably damaged.
Just kidding, you need to read more to understand what you are doing.
No user, except the ones you really want to, must have ssh access. Users without a pw set cannot connect to ssh by default.
You may want to look at http://dns323.kood.org/howto:securing_sftp (denyhosts, at the end) or search the forum for ssh key auth.


CH3SNAS firmware 1.05 with WD1000FYPS and ffp 0.5 on USB Stick

#5 2010-11-18 15:53:06

bound4h
Member
Registered: 2010-04-12
Posts: 209

Re: Can "nobody" login to ssh?

I actually do want denyhosts, but I don't have debian/optware/whatever it is you need to have denyhosts.

I don't want to lose any of my ffp settings or functionality by installing debian/lenny/etc.  That's what I'm afraid of.  I have since moved the external port from 22 to 5555 and haven't had a single hit on it since.  So that's a good sign.

Question though:  With the DEFAULT ssh setup that comes with FFP0.5, can ANY user on the system that has a password (say, admin or an ftp user that I created in the WEB interface) access and login to ssh?

#6 2010-11-18 16:18:08

bjby
Member
Registered: 2009-02-22
Posts: 265

Re: Can "nobody" login to ssh?

yes
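
The replies above say that any account with a password set can log in under the default sshd setup and that `AllowUsers` narrows this. The POSIX shell check below is an added example, not part of the original thread; it lists the accounts in a shadow-format file that could pass password authentication for a given client address. The function names, the sample hashes and the addresses are constructed, and shell globbing stands in for sshd's `*` and `?` pattern matching.

```shell
# Added example: which accounts in a shadow-format file could pass sshd password
# authentication, optionally narrowed by AllowUsers. Key logins are not checked.
# Constructed sample data (invented hashes, not taken from a real device).
make_sample_shadow() {
    cat > "$1" <<'EOF'
root:$1$Xy12abcd$CONSTRUCTEDHASHroot000:14000:0:99999:7:::
admin:$1$Qw34efgh$CONSTRUCTEDHASHadmin00:14000:0:99999:7:::
nobody::14000:0:99999:7:::
myftpuser:$1$Zz56ijkl$CONSTRUCTEDHASHftp0000:14000:0:99999:7:::
sshd:*:14000:0:99999:7:::
EOF
}

classify_hash() {            # HASH -> empty | locked | set
    case "$1" in
        "")        echo empty ;;   # refused unless PermitEmptyPasswords yes
        '!'*|'*'*) echo locked ;;  # no password can ever match
        *)         echo set ;;
    esac
}

allowed_by_allowusers() {    # USER CLIENT_ADDR "PATTERN ..." -> exit status
    [ -z "$3" ] && return 0  # no AllowUsers line: all users are allowed
    set -f                   # stop * and ? from expanding to file names
    for pat in $3; do
        case "$pat" in
            *@*) u=${pat%%@*}; h=${pat#*@} ;;   # USER@HOST: check both parts
            *)   u=$pat; h='*' ;;
        esac
        case "$1" in $u) case "$2" in $h) set +f; return 0 ;; esac ;; esac
    done
    set +f
    return 1
}

ssh_password_candidates() {  # SHADOW_FILE CLIENT_ADDR "PATTERN ..."
    while IFS=: read -r user hash _rest; do
        [ "$(classify_hash "$hash")" = set ] || continue
        if allowed_by_allowusers "$user" "$2" "$3"; then echo "$user"; fi
    done < "$1"
    return 0
}

# Demo: default config, then AllowUsers limited to root from the LAN or one host.
demo=${TMPDIR:-/tmp}/shadow.sample.$$
make_sample_shadow "$demo"
ssh_password_candidates "$demo" 198.51.100.9 ""
ssh_password_candidates "$demo" 198.51.100.9 'root@192.168.*.* root@203.0.113.7'
rm -f "$demo"
```

On a real system, pass the device's own shadow file and the `AllowUsers` value from its `sshd_config` instead of the sample data.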
