On 12/16/05, Scot L. Harris <webid@xxxxxxxxxx> wrote:
> On Fri, 2005-12-16 at 11:54, Dotan Cohen wrote:
>
> > I just spent a few minutes googling the subject, and it appears that
> > apache, mail, etc. don't have passwords at all. So why do they bother
> > trying to SSH in on those names? Or will the root password let them in
> > (I'd try it before I ask, but I'm not home now and the machine is
> > behind a new router that I haven't configured for port forwarding
> > yet)?
>
> They are looking for any valid user id on the system that MIGHT have had
> a password set. Shotgun approach, hit them all and maybe one of them
> might work.
>
> > If root is disabled from logging in via ssh, and I only have one other
> > real user on the system (who I WANT to let in), then is there no real
> > reason to use AllowUsers?
>
> Specifying the specific user by AllowUsers is best practice. If someone
> did set a password on one of those other accounts this would prevent it
> from being used for ssh access.
>
> > Also, if I post something here that I copied from the command line, like:
> > [sharon@localhost] $
> >
> > is this insecure? Because that is saying "Here! Use user 'sharon' to
> > SSH me!". Should I be more careful in the future with that?
>
> Not a bad idea.
>

Really? I think that I'm now convinced to use keys and not even
passwords. I'm starting to feel that SSH is just not secure. I know
that it is if it is properly buttoned down, so I will certainly button
it down. Thanks for all the useful info. Just keeping the machine
safe...

Dotan Cohen
http://technology-sleuth.com/technical_answer/what_is_a_router.html
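
The "shotgun" guessing and the AllowUsers point discussed in this thread, as an added example that is not part of the original messages: a small log summarizer that groups failed sshd password attempts by source address and lists the existing accounts that an AllowUsers list would refuse. The log lines, IP addresses and the `summarize` helper are constructed for illustration; the line format assumed is the usual OpenSSH "Failed password for ..." syslog message.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual OpenSSH syslog format (not from the thread).
SAMPLE_LOG = """\
Dec 16 11:02:01 localhost sshd[2101]: Failed password for invalid user admin from 192.0.2.10 port 40110 ssh2
Dec 16 11:02:03 localhost sshd[2103]: Failed password for apache from 192.0.2.10 port 40112 ssh2
Dec 16 11:02:05 localhost sshd[2105]: Failed password for mail from 192.0.2.10 port 40114 ssh2
Dec 16 11:02:07 localhost sshd[2107]: Failed password for root from 192.0.2.10 port 40116 ssh2
Dec 16 11:05:40 localhost sshd[2130]: Failed password for sharon from 198.51.100.7 port 51514 ssh2
Dec 16 11:05:52 localhost sshd[2130]: Accepted password for sharon from 198.51.100.7 port 51514 ssh2
"""

# sshd writes "invalid user NAME" when the account does not exist on the host.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def summarize(log_text, allow_users, min_names=3):
    """Group failed logins by source; flag sources that guess many account names."""
    tried = defaultdict(lambda: {"existing": set(), "unknown": set()})
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        kind = "unknown" if m.group("invalid") else "existing"
        tried[m.group("ip")][kind].add(m.group("user"))
    report = {}
    for ip, names in tried.items():
        all_names = names["existing"] | names["unknown"]
        report[ip] = {
            # Many distinct names from one source is the "hit them all" pattern.
            "shotgun": len(all_names) >= min_names,
            # Accounts that exist but are not in AllowUsers: the ones the
            # directive would refuse even if someone had set a password on them.
            "existing_not_allowed": sorted(names["existing"] - set(allow_users)),
            "names_tried": sorted(all_names),
        }
    return report

if __name__ == "__main__":
    for ip, info in summarize(SAMPLE_LOG, allow_users=["sharon"]).items():
        print(ip, info)
```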