Date: Sat, 10 May 2003 12:52:17 +0100 (BST) From: William Palfreman <william@palfreman.com> To: Daniela <dgw@liwest.at> Cc: Kirill Pisman <anyher@ngs.ru> Subject: Re: Why is port 22 open by default? Message-ID: <20030510122815.F79934@ndhn.yna.cnyserzna.pbz> In-Reply-To: <200305101108.13319.dgw@liwest.at> References: <20030509000921.P66401-100000@alpha.yumyumyum.org> <200305101108.13319.dgw@liwest.at>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 10 May 2003, Daniela wrote: > > SSH is fairly secure, but there is no 100% secure remote access solution. > > That said, you should be fine with ssh enabled, I've had it enabled for > > ages without problems, just make sure you pick a good password. > > Sounds like SSH is secure enough for me. Or is a 19 character password too > short? :-) A word of caution here. There have been plenty of previous releases of OpenSSH that have been cracked, often for reasons external to it, like the gzip compression library overflow, and more recent issues with OpenSSL. Unless you really need cross-Internet access to a machine, don't enable ssh logins on an Internet facing server. If you must have remote access from the Internet, consider using something more secure than than passwords for authentication. I use rsa/dsa key authentication only. Even then, you must pay special attention to security announcements that affect OpenSSH. -- W. Palfreman. I'm looking for a job. Read my CV at: Tel: 0771 355 0354 www.palfreman.com/william/cv-wfp2.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030510122815.F79934>