Reg Clemens <reg@xxxxxxx> writes: > I mean, I trust ssh, its just the time waisted reviewing the > logs that this solves. I trust ssh too, but I'm not sure my passwords are *that* good. ;-) Some of those folks were pounding hard enough that they could have gone through a good sized dictionary a few times, injecting different non-alphabetics and "l33t-sp33k" substitutions over the course of a few days. I'm now a strong believer in using "PasswordAuthentication no" in sshd_config and only allowing rsa/dsa authentication. Forcing the kiddies to guess a 1k-bit long key is going to put a real crimp in their time tables. (An old cheat-sheet I put together a while back for some technical but non-computer folks: http://www.wsrcc.com/wolfgang/sshd-config.html ) -wolfgang -- Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/