On Saturday, 26 May 2007 16:25, Wolfgang S. Rupprecht wrote:
> Michael Klinosky <mpk2@xxxxxxxxx> writes:
> > I'd like to know what threats exist for ssh - are there webpages that
> > discuss this? I *thought* that using an arbitrary port and putting
> > 'AllowUsers ...' into sshd_config would handle these things (along
> > with a password other than 'abcd' :) ).
>
> The problem with passwords is that you have to trust all your users to
> pick good ones that aren't in any attacker's dictionary. The only
> somewhat safe passwords are the ones that are computer generated
> random numbers/letters/symbols. All the others that are easy to
> remember for users are potential candidates for someone to put into a
> dictionary of passwords to try. You are in effect betting that your
> passwords all aren't in any attacker's dictionary yet.
>

If you want to keep all your systems and users' passwords under control, and
this means knowing when some user chooses a weak password or one which matches
a dictionary word, you might want to take a look at Babel Enterprise
http://babel.sf.net. It's quite useful for all those administrators who want
to keep all the system security in just one webpage (a webconsole, basically).

Cheers
--
Manuel Arostegui Ramirez.

Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.