Claude Jones <claude_jones@xxxxxxxxxxxxxx> writes: > For various reasons, changing the default SSH port doesn't work well for my > situation. But DenyHosts was installed, configured, and started within > minutes of my getting my connection up last night so I guess I second > your "very good idea" Another suggestion is to use a public/private key pair to login, and disable password logins altogether. This prevents dictionary attacks against the password. This also enables single-signon functionality, since you can setup ssh-agent to store your decrypted private key in memory on the client, and login multiple times without typing a password. Just remember to protect the private key with a strong passphrase. You put the public key in the .ssh/authorized_keys file on all SSH servers you want to login to using the corresponding private key. Regards Ingemar
