SSHD_config question
Rashkae
ubuntu at tigershaunt.com
Thu Aug 14 14:02:55 UTC 2008
Brian McKee wrote:
> On Thu, Aug 14, 2008 at 8:10 AM, Knapp <magick.crow at gmail.com> wrote:
>> On Thu, Aug 14, 2008 at 1:42 PM, Adam Funk <a24061 at ducksburg.com> wrote:
>>> On 2008-08-14, Knapp wrote:
>> I hope, pray, that my system has strong security at this point with ssh
>> locked down hard and Firestarter locking out most other things. Have I
>> missed anything?
>
> If you use ssh, I'd use rsa keys and not use passwords at all.
> Problem solved, as long as you keep the key handy and don't let it
> loose.
>
> That being said, if you use real passwords (i.e. longer than 8,
> include at least more than one case, some numbers and punctuation -
> definitely not something you can find in a newspaper) you are fine.
>
> If you look at the attempts those ssh bots are trying the passwords
> are laughably bad. If you have a laughably bad password then you have
> issues :-)
>
> Brian
>
And I suppose, you have never in a moment of weakness created a user
named Test with password test?
It's a good idea to lock out password based logins from the wild from
the wild. Prevents silly accidents.
More information about the ubuntu-users
mailing list