[H-GEN] Re: Blocking SSH exploits

Kelvin Heng kelvinheng at hotmail.com
Mon Aug 23 09:45:24 EDT 2004


I think it would be safer to have public key access if you preferred 
authorized access.
Public key infrastructure would make it more difficult to crack and not 
forgetting to disable password authorized.
On top of that, you may consider using TCP Wrapper for authorized stations.

Kelvin Heng

----- Original Message ----- 
From: "Robert Brockway" <robert at timetraveller.org>
To: <general at lists.humbug.org.au>
Sent: Monday, August 23, 2004 12:22 PM
Subject: Re: [H-GEN] Re: Blocking SSH exploits

>[ Humbug *General* list - semi-serious discussions about Humbug and     ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
> On Mon, 23 Aug 2004, Troy Piggins wrote:
>> If you want ssh available to the outside world, I guess you just
>> have to ensure good username and password policies, and hope that
> I never allow ssh to be externally visible if it is accepting
> username/password access.  Using ssh with some form of public key access
> only isn't hard but does require some pre-planning unless the list of
> locations you can to ssh from is fixed.
> Rob
> -- 
> Robert Brockway B.Sc. email: robert at timetraveller.org, 
> rbrockway at uqconnect.net
> Linux counter project ID #16440 (http://counter.li.org)
> "The earth is but one country and mankind its citizens" -Baha'u'llah
> _______________________________________________
> General mailing list
> General at lists.humbug.org.au
> http://lists.humbug.org.au/cgi-bin/mailman/listinfo/general

More information about the General mailing list