On Friday 20 of December 2013 03:46:13 Tim wrote: > Allegedly, on or about 18 December 2013, Rick Stevens sent: > > 3. Make sure you enforce complex passwords and require them to be > > rotated at least every 90 days. > > I take issue with the continually changing passwords idea. using rotated passwords for ssh login is painful for human brain :) disabling passwd-auth and using ssh-key protected with single strong password is better for brain and security. for reducing services load and flood in /var/log/secure i suggest cut-off ipset rules based on ipdeny/dot/com and sshbl/org. BR, Paweł. -- gpg key fingerprint = 60B4 9886 AD53 EB3E 88BB 1EB5 C52E D01B 683B 9411 -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
