Re: Is it safe to open ssh port to world with only key based authentication?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: lsomike@xxxxxxxxxx, For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: Is it safe to open ssh port to world with only key based authentication?
From: John Wendel <john.wendel@xxxxxxxxxxxxxxx>
Date: Wed, 23 Nov 2005 09:00:58 -0800
Cc:
In-reply-to: <200511230815.01157.lsomike@xxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
Organization: FNMOC
References: <60fdb1ad0511230000m5914544em@xxxxxxxxxxxxxx> <200511230815.01157.lsomike@xxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0.7-1.1.fc3 (X11/20050929)

Mike Klinke wrote:

On Wednesday 23 November 2005 02:00, Vijay Gill wrote:
Recently I started using key based authentication and disabled
passwords in /etc/ssh/sshd_conf My question is, is it safe to
open the port 22 in my iptables firewall script?
There's no black and white answer to that. On a scale of 1 to 10you might want to assign numbers as follows:
1 = unsafe
3 = password authentication enabled
6 = key based authentication only
7 = allowing only certain IP address to access
10 = no access allowed to anyone
Some people are perfectly comfortable using strong passwords andwill consider anything over a '2' to be "safe". Others would onlyconsider "safe" to be something at '7' or better and I'm certainyou'll hear that '10' is the only sure defense.
Regards, Mike Klinke

I use a different port number (like 12322) and change it frequently.Makes it a little harder for the port scanners to find you.


Regards,

John

Follow-Ups:
- Re: Is it safe to open ssh port to world with only key based authentication?
  - From: Jeff Vian
- Re: Is it safe to open ssh port to world with only key based authentication?
  - From: Vijay Gill

References:
- Is it safe to open ssh port to world with only key based authentication?
  - From: Vijay Gill
- Re: Is it safe to open ssh port to world with only key based authentication?
  - From: Mike Klinke

Prev by Date: Re: kernel panic
Next by Date: FC4. Oracle installer sais that I don't have gcc 3.2. But I DO!
Previous by thread: Re: Is it safe to open ssh port to world with only key based authentication?
Next by thread: Re: Is it safe to open ssh port to world with only key based authentication?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]