Re: annoying brute force attack attempt using ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Patrick O'Callaghan wrote:
On Thu, 2008-05-15 at 14:41 -0700, Wolfgang S. Rupprecht wrote:
"jeff emminger" <[email protected]> writes:
isn't password authentication insecure?  why not set
"PasswordAuthentication no" and use ssh keys, and maybe port-knocking
too
My feeling exactly.  You have no control over how stupid a password
users will pick.  The only control you have is to not allow passwords
in the first place and insist on at least a 1k-bit (hopefully random)
key.
Then you just have to hope the users' machines aren't vulnerable ...

poc

Or at least they use a pass-phrase protected key, and a good phrase.

Mikkel
--

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-list mailing list
[email protected]
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux