Re: Securing SSH: Does disabling password authentication work?
From: Steve Block (scblock_at_ev-15.com)
Date: Mon, 3 Oct 2005 14:49:01 -0500
To: firstname.lastname@example.org
On Mon, Oct 03, 2005 at 10:47:27AM -0700, Alvin Oga wrote:
>hi ya steve
>On Mon, 3 Oct 2005, Steve Block wrote:
>> login attempts were reported as one of
>> faileduser/password from ip.addr.
>> faileduser/none from ip.addr.
>> From the logs I've looked at after I changed my SSH configuration, I now
>> only see the latter, perhaps because the password authentication method
>> is no longer available.
>are you saying that you still get ssh log entries ??
><sticking my bloody toe into a hungry shark filled pond>
>if so, sshd is still responding to incoming ssh connection on other ports
>> Of course nothing is bulletproof but am I actually more
>> secure than before?
>... you made no other security changes other than port# which can
>trivially be changed to do exactly the same port 22 attacks on other ports
I'm afraid you didn't read at all, did you? Start from the top of the
thread and read again, and you'll see that my question had nothing to do
with port numbers at all. I'm asking if disabling password
authentication while leaving keyboard-interactive/pam and publickey
methods available would pretty much leave the current automated attacks
high and dry since they use password-based connection attempts.
-- Steve Block http://ev-15.com/ http://steveblock.com/ email@example.com
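
Added example, not part of the original message: a small Python check of which authentication paths in an sshd_config can still end in a password prompt, for the setup asked about above (PasswordAuthentication off, keyboard-interactive/PAM and publickey left on). The function names, the sample configs and the listed defaults are assumptions of this example; `sshd -T` on the host reports the values actually in effect.

```python
# Added example (not from the thread): which sshd auth paths still take a password?
# Compiled-in OpenSSH defaults, assumed here; distribution configs often override them.
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "usepam": "no",
}
# Older spelling of the keyboard-interactive switch.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def effective_settings(config_text):
    """Global yes/no settings; sshd keeps the first value it reads for a keyword."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        parts = line.replace("=", " ", 1).split()
        if not parts or line.startswith("#"):
            continue
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        if key == "match":  # conditional blocks follow; global section ends here
            break
        if len(parts) > 1:
            seen.setdefault(key, parts[1].strip('"').lower())
    return {k: seen.get(k, default) for k, default in DEFAULTS.items()}


def password_paths(config_text):
    """Auth methods through which a guessed password could still be accepted."""
    s = effective_settings(config_text)
    paths = []
    if s["passwordauthentication"] == "yes":
        paths.append("password")
    # Assumption: the PAM stack prompts for the account password (e.g. pam_unix).
    if s["kbdinteractiveauthentication"] == "yes" and s["usepam"] == "yes":
        paths.append("keyboard-interactive/pam")
    return paths


# Constructed sample: the setup asked about in the thread.
THREAD_CONFIG = "PasswordAuthentication no\nChallengeResponseAuthentication yes\nUsePAM yes\n"
# Constructed sample: key-only logins.
KEYS_ONLY = "PasswordAuthentication no\nKbdInteractiveAuthentication no\nUsePAM yes\n"

if __name__ == "__main__":
    for name, cfg in (("thread", THREAD_CONFIG), ("keys-only", KEYS_ONLY)):
        print(name, "->", password_paths(cfg) or "no password path")
```

With the thread's setup the `password` method is gone, but keyboard-interactive backed by PAM is still listed, so the account password remains a valid credential on that path.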