Date: Sun, 18 Oct 2009 00:36:53 +0200 From: "Darren Reed" <avalon@coombs.anu.edu.au> To: "johnea" <me@johnea.net> Cc: freebsd-security@freebsd.org Subject: Re: openssh concerns Message-ID: <1255819013.8559.1340620221@webmail.messagingengine.com> In-Reply-To: <21075_1254443471_4AC549CE_21075_106_1_4AC545C3.9020608@johnea.net> References: <21075_1254443471_4AC549CE_21075_106_1_4AC545C3.9020608@johnea.net>
next in thread | previous in thread | raw e-mail | index | archive | help
If this hasn't been mentioned already, disable password logins in sshd_config and require RSA authentication only. I do this on all hosts I administer that are internet accessible and it allows me to confidently ignore all of the password guessing attacks, resulting in peace of mind. Darren RSAAuthentication yes PubkeyAuthentication yes PasswordAuthentication no ChallengeResponseAuthentication no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1255819013.8559.1340620221>