From owner-freebsd-questions@FreeBSD.ORG Wed Jun 24 17:26:59 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 011C8106564A for ; Wed, 24 Jun 2009 17:26:59 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ew0-f213.google.com (mail-ew0-f213.google.com [209.85.219.213]) by mx1.freebsd.org (Postfix) with ESMTP id 799518FC08 for ; Wed, 24 Jun 2009 17:26:58 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by ewy9 with SMTP id 9so111340ewy.43 for ; Wed, 24 Jun 2009 10:26:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type:content-transfer-encoding; bh=um8E1Jsmz2O9zQt2MWsQ1bfED+Luswytl0RhTer22lo=; b=CZzt9Cx5Ow1PwS/i5fvcz7E6PxTel+Vvj8uD9QL4qpYCtf7Eq8O7Wj+pvSrCLag15B krWi8XWXc+sz9xzgernI49U7IjNqx6wzcyb5IsVizopfsyZV7/KtY7kn9H2sKYmvR0WR dL1Zuu8r6HyWqTEGmaJGb3o9wEQ3ibGA1Tugg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=hKgACdG3Z3jFqoBDsHIEEdH2aFbDDg+K09v5wL2NDCOrIE5iHGUIFW0SnNvikLr+L5 i0wIhhwqXeOtuvtJmtug/RzmnTfUDm+2T3WXwkMRGgVB81Ykz3MBaXA46TZJLNHGIdwH +v5PJ51/vtIZIrmpXafAZBlTXqUrxzkrDKXEw= Received: by 10.211.177.16 with SMTP id e16mr1666047ebp.86.1245864416864; Wed, 24 Jun 2009 10:26:56 -0700 (PDT) Received: from gumby.homeunix.com (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mx.google.com with ESMTPS id 7sm321959eyg.2.2009.06.24.10.26.52 (version=SSLv3 cipher=RC4-MD5); Wed, 24 Jun 2009 10:26:56 -0700 (PDT) Date: Wed, 24 Jun 2009 18:26:43 +0100 From: RW To: freebsd-questions@freebsd.org Message-ID: <20090624182643.33329399@gumby.homeunix.com> In-Reply-To: <20090624151259.GA2367@phenom.cordula.ws> References: <4A406D81.3010803@locolomo.org> <4A4109DE.3050000@locolomo.org> <4A413CF8.60901@locolomo.org> <20090624143613.6a87a749@gumby.homeunix.com> <4A422FCB.2050900@locolomo.org> <20090624140221.GA1974@phenom.cordula.ws> <4A423D19.4050602@locolomo.org> <20090624151259.GA2367@phenom.cordula.ws> X-Mailer: Claws Mail 3.7.1 (GTK+ 2.16.2; i386-portbld-freebsd7.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Best practices for securing SSH server X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Jun 2009 17:26:59 -0000 On Wed, 24 Jun 2009 17:12:59 +0200 cpghost wrote: > It all boils down to this: do you login from a secure machine > or not? Each tool has its own set of uses. When I want to log in > from a public terminal, I prefer OPIE; OPIE is probably fine in almost all cases, but you may wish to read the following thread: http://comments.gmane.org/gmane.os.freebsd.security.general/9272