[H-GEN] How safe is SSH on the internet?

[Stuart Longland]

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
	Just a question about SSH... I'm running a Red Hat 8.0 box as our
web/mail/dns/irc server for our domain with Linux 2.4.21, and was
wondering whether it would be a safe move to allow SSH access so that I
can do file uploads and remote maintenance.

	I've set it up to prohibit root access via SSH, and my user account
uses a strong password, this is fine, however, one account on the system
is a little on the weak side, and there may be other gotcha's to look
out for.  Basically, all I have to do to enable it, is to set up the
additional port on the hardware ADSL router.

	In particular, there's a couple of daemon accounts, which I could
tighten a couple of these accounts (changing the user's shell to a
wrapper shell script for instance), and I'd be interested in knowing
what methods there are.

	Is there any gotcha's that I need to plan for?
- --
+-------------------------------------------------------------+
| Stuart Longland           stuartl at longlandclan.hopto.org |
| Brisbane Mesh Node: 719             http://stuartl.cjb.net/ |
| I haven't lost my mind - it's backed up on a tape somewhere |
| Griffith Student No:           Course: Bachelor/IT (Nathan) |
+-------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+/tnqIGJk7gLSDPcRApqMAJ9LZU6d4B1qDb9B8hILy6TzDKqjKgCfY/iB
JY3Gjh3zYtXkSXnfTjDomPA=
=SuHd
-----END PGP SIGNATURE-----


--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/