On Thu, 2005-05-12 at 17:59 +0100, James Wilkinson wrote:
> grim wrote:
> > if the passwords are as weak as roland's seems to be the
> > 'PermitRootLogin no'-option is only a little barrier. instead of one pw
> > the attacker has to get two passwords.
>
> And a username. Depending on the attacker and the site, that may or may
> not be trivial.
>
> At least some of the boxes I look after with SSH running have usernames
> that don't appear in dictionaries or Google, and aren't widely known
> outside the company. It means that an attacker has to get to know one of
> the users.
>
> They're not really "another password", but they're another hoop for
> people to jump through.
>

I would suggest specific SSH user names; Users that won't be found in
email plus, of course, strong passwords. These, then, are the only users
in "AllowUsers" augmented with "known hosts."

--
Multi-RBL Check: http://www.TQMcube.com/rblcheck.htm
Kill Spam at the Source: http://www.TQMcube.com/spam_trap.htm
Today's Spam Trap Adds: http://www.TQMcube.com/BlockedToday
RBLDNSD HowTo: http://www.TQMcube.com/rbldnsd.htm
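An added example, not part of the original message: a small audit of an sshd_config against the points raised in this thread (`PermitRootLogin no`, an `AllowUsers` list, login names that do not double as e-mail addresses). It assumes "known hosts" means the `USER@HOST` pattern form of `AllowUsers`; the function names, sample config and addresses are constructed for illustration.

```python
import re

# Constructed sample input; user names and addresses are made up.
SAMPLE_CONFIG = """\
# global section
PermitRootLogin no
AllowUsers qx7ops@192.0.2.* jsmith
allowusers backup9k@198.51.100.7
"""
SAMPLE_EMAILS = ["jsmith@example.com", "sales@example.com"]


def parse_global(config_text):
    """Return (permit_root_login, allow_users) from the global section."""
    permit_root, allow_users = None, []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()  # sshd keywords are case-insensitive
        value = parts[1] if len(parts) > 1 else ""
        if key == "match":
            break  # conditional blocks are outside this check
        if key == "permitrootlogin" and permit_root is None:
            permit_root = value.lower()  # first occurrence wins
        elif key == "allowusers":
            # Assumption: repeated AllowUsers lines are read as one list.
            allow_users.extend(value.split())
    return permit_root, allow_users


def audit(config_text, emails):
    """Return a list of findings for the hardening points in the thread."""
    permit_root, allow_users = parse_global(config_text)
    local_parts = {e.split("@", 1)[0].lower() for e in emails}
    findings = []
    if permit_root != "no":
        findings.append("PermitRootLogin is not 'no'")
    if not allow_users:
        findings.append("no AllowUsers list: any account may log in")
    for entry in allow_users:
        user, _, host = entry.partition("@")
        if user.lower() in local_parts:
            findings.append(f"{user}: name also appears as an e-mail address")
        if not host:
            findings.append(f"{user}: not restricted to a host pattern")
    return findings
```

Calling `audit(SAMPLE_CONFIG, SAMPLE_EMAILS)` flags only `jsmith`, the one entry that matches a published mailbox name and carries no host restriction.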