LinuxSSH·Chapter9 203 version of SSH and proceeds to hack in and gain control. While it is an exploit that was already fairly well known, the principle and method of the attack were still quite valid. If a cracker knows what you have running, it is easier to find an exploit. While securing your environment through obfuscation is not really a good method of ensuring your data stays safe, it can't hurt to try to keep a low profile. Until every system in the world is totally secure and invulnerable, it helps not to be the low- hanging fruit that hangs right at eye level to everyone with a port scanner. The best way to make sure that we are keeping our systems secure, usable, and low-visibility is to ensure that we have configured our services with these three goals in mind. Editing the SSH Configuration File In the interest of configuring SSH to hit those three goals, we have to dig into the default configuration file, /etc/ssh/sshd_config. This file is full of helpful settings and comments that control how the SSH service runs and what it is and isn't allowed to do. Configuring SSH Protocols The first thing to do when editing the sshd_config file is to make sure that the SSH1 protocol is