[ubuntu-uk] Preventing a hack attempt
Matthew Macdonald-Wallace
matthew at truthisfreedom.org.uk
Sat Aug 28 15:24:48 BST 2010
Quoting "K.de Jong" <k.dejong at undifined.nl>:
> If ssh is rarely used
> and you have a running webserver
> you could consider using ajaxterm
>
> you only listen to ssh on localhost
> and have website that allows access to ssh
>
> this is slower and does not work well with remote ssh auth keys
> but just another solution.
Sorry, but I have to advise strongly against this.
It is far easier to scan (and break!) a web app than it is to brute force SSH.
If you are going to allow any form of command line access to your
server at all, use SSH and nothing else.
Kind regards,
Matt
--
Matthew Macdonald-Wallace
matthew at truthisfreedom.org.uk
http://www.truthisfreedom.org.uk/
More information about the ubuntu-uk
mailing list