Fix SSH Version 1 Warning in Plesk - Security Guide

Addressing SSH Version 1 Warnings on Dedicated Servers

This guidance is specifically for users managing dedicated servers. Many system administrators are likely familiar with recurring security scan warnings. These alerts, often delivered weekly by server security scanners, highlight potential vulnerabilities.

A typical error message received from a tool like "watchdog" might resemble the following:

Security scanning generated the following warnings (the full scanning log is available at /var/log/rkhunter.log): [01:01:51] ------------------------- Security advisories -------------------------
[01:01:52] Warning: SSH version 1 possible allowed!

Resolving the Issue: Configuring SSH

To rectify this, modification of the sshd_config file is required. This file serves as the primary configuration for the sshd service.

The file's location can vary, but it is commonly found within the /etc/ssh/ directory. Access and edit the file with root privileges.

vi /etc/ssh/sshd_config

Caution: Incorrect modifications to this file can prevent SSH access to your server. Proceed with care.

Locating and Modifying the Protocol Setting

Within the sshd_config file, locate the section containing the "Protocol" directive. This is where the necessary adjustment will be made.

An example of the relevant section might appear as follows:

#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

If the "Protocol" line is commented out (preceded by a '#') or includes both "2,1", it must be altered to explicitly specify version 2.

Ensure the line reads:

Protocol 2

Leave all other lines within the file unchanged.

Restarting the SSH Service

After saving the changes to sshd_config, the sshd service must be restarted for the new configuration to take effect.

This can be accomplished using the following command:

/etc/init.d/sshd restart

Following the restart, the security scan warnings related to SSH version 1 should no longer be generated.