I added the AllowUsers option in the sshd_config file when I saw login attempts in the log files. This way, common accounts like root couldn't be logged into even if the password was guessed. > -----Original Message----- > From: fedora-list-bounces@xxxxxxxxxx > [mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Tom Diehl > Sent: Sunday, November 14, 2004 1:48 AM > To: For users of Fedora Core releases > Subject: Re: SSH safety > > > On Sun, 14 Nov 2004, J.L. Coenders wrote: > > > Hi, > > I was wondering how safe it is to open the ssh port up to the > > internet. I am > > behind a router which is firewalled to block all traffic, > unless I open it up > > and route it to my computer. Is it safe to open ssh up to > the internet, so I > > can run applications of my home computer over the internet? > > Depends on how paranoid you are. Every open port creates some > risk. Generally speaking ssh is fairly secure but there have > been exploits found in it in the past. As long as you keep > things up2date you should be OK. You can as others will > suggest move the port ssh runs on to a non-standard port > which means that the scripts that run everyday looking for > weak passwds and known exploits will not know where to look. > You can also disable root logins via ssh among other things, > depending on your level of paranoia. > > HTH, > > Tom > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list > >
