Re: Is it safe to open ssh port to world with only key based authentication?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: fedora-list@xxxxxxxxxx
Subject: Re: Is it safe to open ssh port to world with only key based authentication?
From: Ian Pilcher <i.pilcher@xxxxxxxxxxx>
Date: Fri, 25 Nov 2005 10:31:27 -0600
In-reply-to: <60fdb1ad0511230000m5914544em@xxxxxxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <60fdb1ad0511230000m5914544em@xxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Sender: news <news@xxxxxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0.7-1.1.fc4 (X11/20050929)

Vijay Gill wrote:
     I read it somewhere (I googled and found it, but cannot find it
> again) that if password based authentication is disabled and using
> only key based, it is safe to have your fedora box available over the
> internet so that you can login remotely.

I opened port 22 at one point (with password-based authentication on),
and it didn't take long before someone in Asia was trying to guess IDs
and passwords.

My current setup uses OpenVPN (available in Fedora Extras) running on a
randomly selected UDP port.  UDP port scans are much slower than TCP
port scans, so it's less likely to be noticed.

-- 
========================================================================
Ian Pilcher                                        i.pilcher@xxxxxxxxxxx
========================================================================

References:
- Is it safe to open ssh port to world with only key based authentication?
  - From: Vijay Gill

Prev by Date: Re: MMS protocol
Next by Date: Re: MMS protocol
Previous by thread: Re: Is it safe to open ssh port to world with only key based authentication?
Next by thread: WIne an Internet Explorer on FC4 - please help
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]