Ubuntu server remote file access

Colin Law clanlaw at googlemail.com
Fri Sep 27 15:07:46 UTC 2013


On 27 September 2013 14:58, Kent Borg <kentborg at borg.org> wrote:
> On 09/27/2013 09:48 AM, compdoc wrote:
>>
>> And having port 22 open invites the world to attempt breaking into your
>> server by trying to guess passwords.
>
>
> If you don't reuse passwords between your ssh account and other accounts,
> and if you have a good password, this should not be a problem.  The sshd
> will limit how fast attackers can make attempts. (Your ATM PIN is only
> 4-digits, but because the ATM limits tries, it is secure.)

I thought that if you used keys for authentication and have disabled
password access (as the OP has done), then ssh is effectively
unbreakable.

Colin

>
> I look at my logs and see attackers spending hundreds of attempts to try to
> break my root password, and I chuckle: First, because root doesn't have a
> login password, Second, if it did the password would be of sufficient that
> it would take billions of attempts to have a 50-50 chance of getting in.
>
> However, nearly everyone *does* reuse just a few passwords across multiple
> sites, which is doomed.  Don't do that!  But you will...
>
> -kb
>
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users




More information about the ubuntu-users mailing list