[H-GEN] Re: Blocking SSH exploits
Kelvin Heng
kelvinheng at hotmail.com
Mon Aug 23 09:45:24 EDT 2004
Hi,
I think it would be safer to have public key access if you preferred
authorized access.
Public key infrastructure would make it more difficult to crack and not
forgetting to disable password authorized.
On top of that, you may consider using TCP Wrapper for authorized stations.
Regards,
Kelvin Heng
----- Original Message -----
From: "Robert Brockway" <robert at timetraveller.org>
To: <general at lists.humbug.org.au>
Sent: Monday, August 23, 2004 12:22 PM
Subject: Re: [H-GEN] Re: Blocking SSH exploits
>[ Humbug *General* list - semi-serious discussions about Humbug and ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
> On Mon, 23 Aug 2004, Troy Piggins wrote:
>
>> If you want ssh available to the outside world, I guess you just
>> have to ensure good username and password policies, and hope that
>
> I never allow ssh to be externally visible if it is accepting
> username/password access. Using ssh with some form of public key access
> only isn't hard but does require some pre-planning unless the list of
> locations you can to ssh from is fixed.
>
> Rob
>
> --
> Robert Brockway B.Sc. email: robert at timetraveller.org,
> rbrockway at uqconnect.net
> Linux counter project ID #16440 (http://counter.li.org)
> "The earth is but one country and mankind its citizens" -Baha'u'llah
>
> _______________________________________________
> General mailing list
> General at lists.humbug.org.au
> http://lists.humbug.org.au/cgi-bin/mailman/listinfo/general
>
More information about the General
mailing list