Frank Cox wrote: : Karl Larsen <k5di@xxxxxxxxxx> wrote: : > From my own experience I learned you need to use real good passwords : > on EVERYTHING. I thought my user password was safe because no one can : > get to that. WRONG. A ssh connection can use your weak user password to : > get in. : > : > So use passwords that include letters upper and lower case and : > numbers. Then sleep well at night. : : Better solution: : : Specify only the usernames and IP addresses allowed to log in through ssh : in /etc/ssh/sshd_config How does one get into one's system from one's laptop if one is traveling and forced to use the local hotel internet connection? : Disallow password logins completely in /etc/ssh/sshd_config and use keys : instead. Agreed! Also, I (and many others) have found that moving sshd off of port 22 completely stops the script-kiddy attempts that fill one's /var/log/messages : Add the appropriate entries to /etc/hosts.allow and /etc/hosts.deny to deny : remote access to ssh (and all other services) Again, how does this impact remote access when traveling? Dean
