18.6. Requiring SSH for Remote Connections

For SSH to be truly effective, using all insecure connection protocols, such as Telnet and FTP should be prohibited. Otherwise, a user's password may be protected using SSH for one session, only to be captured later while logging in using Telnet.

Some services to disable include:

To disable insecure connection methods to the system, use the command line program chkconfig, the ncurses-based program ntsysv, or the graphical application Services Configuration Tool (redhat-config-services). All of these tools require root access.

For more information on runlevels and configuring services with chkconfig, ntsysv, and Services Configuration Tool, refer to the chapter titled Controlling Access to Services in the Red Hat Linux Customization Guide.