Re: Securing SSH

---

• From: "Wolfgang S. Rupprecht" <wolfgang+gnus200605@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 23 May 2006 11:48:45 -0700

---

Reg Clemens <reg@xxxxxxx> writes:

I mean, I trust ssh, its just the time waisted reviewing the
logs that this solves.

I trust ssh too, but I'm not sure my passwords are *that* good. ;-)

Some of those folks were pounding hard enough that they could have
gone through a good sized dictionary a few times, injecting different
non-alphabetics and "l33t-sp33k" substitutions over the course of a
few days.

I'm now a strong believer in using "PasswordAuthentication no" in
sshd_config and only allowing rsa/dsa authentication. Forcing the
kiddies to guess a 1k-bit long key is going to put a real crimp in
their time tables.

(An old cheat-*** I put together a while back for some technical but
non-computer folks: http://www.wsrcc.com/wolfgang/sshd-config.html )

-wolfgang
--
Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

---

• References:
  • Securing SSH
    • From: Brian D. McGrew
  • Re: Securing SSH
    • From: Reg Clemens

• Prev by Date: Re: File Permissions problem : Cry for HELP
• Next by Date: Re: FC5: Sendmail error
• Previous by thread: Re: Securing SSH
• Next by thread: Re: Securing SSH
• Index(es):
  • Date
  • Thread

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)