On a BSD box at work (at an extremely fast connection and static IP), I run an SSH server. I am the only person who uses the server, but I use it from some locations that are behind a dynamic IP (so I can't set pf rules to filter by IP). I will always, however, use the same laptop to connect to the server. Due to the speed and location of the connection, it's a relatively high-risk target.
What are some good practices for securing this SSH server. Is using a stored key safer than a password in this instance? I have no experience with port-knocking, but I'd appreciate some tips or suggested beginning references... I welcome any and all advice. Note: I do require X11 forwarding (not sure whether that's relevant information) TIA, Daniel _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
