Re: Securing SSH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reg Clemens <reg@xxxxxxx> writes:
>         I mean, I trust ssh, its just the time waisted reviewing the
>         logs that this solves.

I trust ssh too, but I'm not sure my passwords are *that* good. ;-)

Some of those folks were pounding hard enough that they could have
gone through a good sized dictionary a few times, injecting different
non-alphabetics and "l33t-sp33k" substitutions over the course of a
few days.

I'm now a strong believer in using "PasswordAuthentication no" in
sshd_config and only allowing rsa/dsa authentication.  Forcing the
kiddies to guess a 1k-bit long key is going to put a real crimp in
their time tables.

(An old cheat-sheet I put together a while back for some technical but
non-computer folks: http://www.wsrcc.com/wolfgang/sshd-config.html  )

-wolfgang
-- 
Wolfgang S. Rupprecht                http://www.wsrcc.com/wolfgang/


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux