Re: brute force ssh attack


 



Deron Meranda wrote:
On 4/27/05, Aleksandar Milivojevic <amilivojevic@xxxxxx> wrote:

Daniel Kirsten wrote:

there are numerous brute force ssh attacks in the web.
I was quite curious, and for fun, I created the typical
user accounts and set easy to guess passwords....

Generally, very bad idea. Unless you know exactly what you are doing, which you obviously don't.


Also, learn to use ssh RSA keys rather than allowing ssh passwords.
Even if you have keys you still need to disable passwords for it
to be secure.  Doing that prevents dictionary password-guessing
attacks.  To disable ssh password access, edit /etc/ssh/sshd_config
and set

  PasswordAuthentication no

You may also want to disable root via ssh as well with

  PermitRootLogin no

(After changing config either reboot or 'service sshd restart')


The first of _my_ boxes to be cracked now has ssh logins w/o passwords, and firewall rules to allow ssh login only from select parts of the world. No access to Americans, Russians or Israelis.

However, I do think that's more than necessary. I use a password generator (expect has one but there are alternatives).

I'm prepared to assume that this (defunct) password is unguessable:
q64bxjdc and that word combinations such as amaze-egg and listansett are good enough.


One does need to watch word length though: I used calamityjane (on RHL 4.2) for some time, later discovered it was equivalent to calamityj.



--

Cheers
John

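Added example, not part of the original message or thread: a Python check for the two sshd_config directives quoted above. It reports the value sshd would actually use, because sshd takes the first occurrence of a keyword, so appending `PasswordAuthentication no` below an existing `yes` changes nothing. The function names and the sample config are constructed for illustration.

```python
import re

# The two directives quoted in the thread, with the value it recommends.
RECOMMENDED = {"passwordauthentication": "no", "permitrootlogin": "no"}


def effective_globals(config_text):
    """Return {keyword: value} for the global section of an sshd_config."""
    # sshd keeps the FIRST value it sees for each keyword; later ones are ignored.
    # Parsing stops at the first Match block, whose settings are conditional.
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()  # keywords are case-insensitive
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        if keyword == "match":
            break
        seen.setdefault(keyword, value)
    return seen


def audit(config_text):
    """Return a list of findings; an empty list means both settings are 'no'."""
    seen = effective_globals(config_text)
    findings = []
    for keyword, wanted in RECOMMENDED.items():
        got = seen.get(keyword)
        if got is None:
            findings.append(f"{keyword}: not set, compiled-in default applies")
        elif got != wanted:
            findings.append(f"{keyword}: effective value is '{got}', want '{wanted}'")
    return findings


# Constructed sample: 'no' was appended, but the earlier 'yes' still wins.
SAMPLE = """\
# constructed sshd_config for illustration
Port 22
PasswordAuthentication yes
permitrootlogin=no
PasswordAuthentication no
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE) or ["ok: both directives are 'no'"]:
        print(finding)
```

On a live host, `sshd -T` prints the configuration the daemon resolves, including defaults, and is the authoritative check after a restart.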

