Jump to content

sshd config Q


anode

Recommended Posts

I'm probably going to do a bad job asking this but.....

 

Can one configure sshd to only connect with clients that already have the key in known_hosts?

ie: Not offer the server's public key to the client on first connection.  So if the client doesn't have the server's public key, its just gets a connection refused.

This would be linux; raspbian or kali on a Pi. (server)

Link to comment
Share on other sites

Sorry for posing a stupid question... but why ?

You can setup the client, to not connect if server is not in known_hosts, but as far as I see it, SSH wont function properly without sending servers public key.
I'm not sure, but I really can't see the point in it either ;)

If it' a matter of security, set key auth only, and disable ordinary password login. throw some fail2ban in front of it, and you should be fairly safe :)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...