On Tue, Mar 13, 2007 at 10:05:24AM +0200, Andrei Popescu wrote:
> Tarek Soliman <[EMAIL PROTECTED]> wrote:
>
> > Do not log in as root via ssh or even allow it.
> > There are reasons why the default in Debian is PermitRootLogin no
>
> The default is "yes".
> See /usr/share/doc/openssh-server/Readme.DEBIAN.gz for the maintainer's
> opinion.
>
Wow. Everything I thought I knew about security has been shattered.

It seems there are regular attempts to log in as root through ssh though.
Having a strong password helps.
Having port-knocking or IP-banning based on so many failed attempts helps.
Changing the port helps. (least satisfying way I think)

I think the best way is to have key-only authentication on just the list of AllowUsers.

Feel free to correct me if I'm wrong (again)

--
Tarek
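The posture named in the message above (no root login, no password authentication, an explicit AllowUsers list), as an added example that is not part of the original thread: a Python check over the global section of an sshd_config. The sample configs, user names and function names are constructed for illustration, and Match blocks are skipped as a simplification.

```python
# Constructed sample configs for illustration (not taken from a real host).
WEAK = "Port 22\nPermitRootLogin yes\nPasswordAuthentication yes\n"
HARDENED = (
    "# constructed sample\n"
    "permitrootlogin no\n"
    "PasswordAuthentication no\n"
    "AllowUsers alice bob@192.0.2.*\n"
    "PermitRootLogin yes\n"  # later duplicate: sshd keeps the first value
)

def parse_global(text):
    """Return (settings, allow_users) for the part before any Match block."""
    settings, allow_users = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()                # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":                    # simplification: global section only
            break
        if key == "allowusers":
            allow_users += value.split()      # collect every AllowUsers pattern
        else:
            settings.setdefault(key, value)   # first value obtained is the one used
    return settings, allow_users

def audit(text):
    """List deviations from: no root login, no passwords, explicit AllowUsers."""
    settings, allow_users = parse_global(text)
    findings = []
    for key, label in (("permitrootlogin", "PermitRootLogin"),
                       ("passwordauthentication", "PasswordAuthentication")):
        value = settings.get(key)
        if value is None:
            findings.append(f"{label} not set; the build default applies")
        elif value != "no":
            findings.append(f"{label} is {value!r}, expected 'no'")
    if not allow_users:
        findings.append("AllowUsers not set; logins are not limited to a user list")
    elif any(p.split("@", 1)[0] == "root" for p in allow_users):
        findings.append("AllowUsers includes root")
    return findings

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(cfg) or "ok")
```

A keyword that is absent is reported rather than assumed, since the effective value then depends on the defaults of the installed build.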