[H-GEN] How safe is SSH on the internet?
Christopher Biggs
listjunkie at pobox.com
Sun Jun 29 20:01:43 EDT 2003
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
Stuart Longland <stuartl at longlandclan.hopto.org> moved upon the face of the 'Net and spake thusly:
> I've set it up to prohibit root access via SSH, and my user account
> uses a strong password, this is fine, however, one account on the system
> is a little on the weak side, and there may be other gotcha's to look
> out for. Basically, all I have to do to enable it, is to set up the
> additional port on the hardware ADSL router.
Heed Mark's suggestion to prohibit SSH v1 (allowing only v2), also
consider using RSA or DSA authentication instead of passwords, or even
S-key.
Oh, and make sure all the rlogin legacy stuff is turned off.
--cjb
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list