Re: annoying brute force attack attempt using ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



El jue, 15-05-2008 a las 14:41 -0700, Wolfgang S. Rupprecht escribió:
> "jeff emminger" <jemminger@xxxxxxxxx> writes:
> > isn't password authentication insecure?  why not set
> > "PasswordAuthentication no" and use ssh keys, and maybe port-knocking
> > too
> 
> My feeling exactly.  You have no control over how stupid a password
> users will pick.  The only control you have is to not allow passwords
> in the first place and insist on at least a 1k-bit (hopefully random)
> key.

Although, you can force them to create passwords with numbers, something
like, for instance,  at least 2 numbers and one alphanumeric characters.
That would help a wee bit to avoid easy passwords that may be broken
with a basic brute force attack.

Manuel.
-- 
Manuel Arostegui Ramirez.

Electronic Mail is not secure, might not be read every day, and should not
be used for urgent or sensitive issues.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux