SSHD_config question
NoOp
glgxg at sbcglobal.net
Thu Aug 14 20:12:57 UTC 2008
On 08/14/2008 06:57 AM, Brian McKee wrote:
> On Thu, Aug 14, 2008 at 8:10 AM, Knapp <magick.crow at gmail.com> wrote:
>> On Thu, Aug 14, 2008 at 1:42 PM, Adam Funk <a24061 at ducksburg.com> wrote:
>>> On 2008-08-14, Knapp wrote:
>> I hope, pray, that my system has strong security at this point with ssh
>> locked down hard and Firestarter locking out most other things. Have I
>> missed anything?
>
> If you use ssh, I'd use rsa keys and not use passwords at all.
> Problem solved, as long as you keep the key handy and don't let it
> loose.
>
> That being said, if you use real passwords (i.e. longer than 8,
> include at least more than one case, some numbers and punctuation -
> definitely not something you can find in a newspaper) you are fine.
>
> If you look at the attempts those ssh bots are trying the passwords
> are laughably bad. If you have a laughably bad password then you have
> issues :-)
>
> Brian
>
Agree there... (laughably bad password attempts).
@Knapp: I'd recommend that you install denyhosts.
https://help.ubuntu.com/community/InstallingSecurityTools
http://www.ubuntugeek.com/securing-ssh.html
More information about the ubuntu-users
mailing list