14.2.3. Requiring SSH for Remote Connections
For SSH to be truly effective, using insecure connection protocols should be prohibited. Otherwise, a user's password may be protected using SSH for one session, only to be captured later while logging in using Telnet. Some services to disable include
telnet
, rsh
, rlogin
, and vsftpd
.
To disable these services, type the following commands at a shell prompt:
~]#chkconfig telnet off
~]#chkconfig rsh off
~]#chkconfig rlogin off
~]#chkconfig vsftpd off
For more information on runlevels and configuring services in general, see Chapter 12, Services and Daemons.