20.6. Requiring SSH for Remote Connections

For SSH to be truly effective, using insecure connection protocols, such as Telnet and FTP, should be prohibited. Otherwise, a user's password may be protected using SSH for one session, only to be captured later while logging in using Telnet.

Some services to disable include:

To disable insecure connection methods to the system, use the command line program chkconfig, the ncurses-based program ntsysv, or the Services Configuration Tool (redhat-config-services) graphical application. All of these tools require root level access.

For more information on runlevels and configuring services with chkconfig, ntsysv, and the Services Configuration Tool, refer to the chapter titled Controlling Access to Services in the Red Hat Enterprise Linux System Administration Guide.