1734 Views 5 Replies Latest reply: Feb 11, 2011 11:30 AM by Garner
You can turn off SSH service if you want. There are a few things it's needed for, but they're few and far between; setting up a replica Open Directory server is the only one that comes to mind. To turn it off, run System Preferences on the server, go to the Services pane, and disable the "Remote Login" service.
Thanks for the replies.
I'd like to block it at the network edge, but we don't have a firewall appliance and I'd rather not try to mess with the router. This server is used as an email server and that's it. It is in my office and I can access it directly. There is no reason to have remote access, so I'd just assume disable it completely.
Message was edited by: Garner
That means your router is forwarding all traffic to the server. It is only a matter of time before your server will be hacked.
You need to:
Block port 22 (ssh) at the router, ASAP.
Use non-trivial passwords (better is to reconfig ssh to only allow login with RSA certificates, but that is more advanced).
Also, if your router is forwarding all traffic, then it is possible that break-in will be appempted on other protocols (AFP, SMB, etc.). This means you are only as secure as the weakest password of any of your users. Not very safe...