Am 09. Dec, 2004 schwätzte Robert Ambrose so:
> Another $.02:
>
> In addition to other security measures for ssh discussed in this thread:
>
> I disable root logins for sshd. Set via the following parameter in
> sshd_config: PermitRootLogin no
Yeah, it really annoys me that they continue to leave root logins on by
default.
I also turn on X forwarding :).
> I also disable password authentication for sshd so only users with their
> public key installed can gain access. This is also controlled via
> sshd_config: PasswordAuthentication no
This I don't do. I would like to move to one time passwords, though.
Here's a quote I from a friend:
<jco-work> Wow since I blocked china at my firewall at home, the number of
+password scans and junk mail has dropped dramaticly
So, maybe just blocking .cn and the other countries June mentioned for ssh
and other authenticated services will help.
Presumably she knows whether or not she'll be in .cn in the next few days,
which gives time to open up the firewall if necessary :).
ciao,
der.hans
--
# https://www.LuftHans.com/ http://www.AZOTO.org/
# Knowledge is useless unless it's shared. - der.hans
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)