OT: password crackers
Phillip Susi
psusi at cfl.rr.com
Wed Feb 8 16:48:07 UTC 2006
Toby Kelsey wrote:
<snip>
> I'm worried an attempt might succeed on an automatically generated username.
> The users with valid shells in /etc/passwd are:
> root daemon bin sys sync games man lp mail news uucp proxy www-data
> backup list irc gnats nobody toby zac fetchmail guest backuppc
>
All of the default accounts have locked passwords, so that isn't a
problem. sshd should also be configured to not allow root logins ( not
sure if it is by default in ubuntu, but probably is, and root's password
is locked by default anyhow ) and ideally, only allow authentication
with RSA keys and not passwords. That will prevent anyone from brute
forcing their way in.
More information about the ubuntu-users
mailing list