Hello, On Tue, 23 May 2006 11:53:27 -0600 Reg Clemens <reg@xxxxxxx> wrote: > > > > I'm looking to tighten up my ssh configuration. > > Well, your going to have people banging on the door no matter what you > implement. I finally had it with the log files (Logwatch) being full of > this pounding and did two things > (1) in my firewall only allowed incoming ssh from my work network > number. (2) Actually, that would have been too severe, I do want to get in > from other > outside numbers on occasion,- so I also allow incoming ssh from my > ISP. So if Im outside, not at work, and need to get in, I first ssh to my > ISP, then > ssh home. That ended the banging on the door. I mean, I trust > ssh, its just the time waisted reviewing the logs that this solves. Here: no root login, no trustedhosts, proto2 only, no passwordauthlogin, no rsa, sshd at port != 22, and ssh-faker running (http://www.pkts.ca/ssh-faker.shtml). Regards, -- wwp
Attachment:
signature.asc
Description: PGP signature
