Re: SSH Automatic Log-on Failure - Centos 5.5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Always Learning wrote:
>
> On Thu, 2011-01-27 at 06:40 -0500, Stephen Harris wrote:
>> *NEVER* use password authentication for root
>> (passwords are easier to brute force 'cos people choose bad passwords).
>> Use ssh public key access for root, with appropriate restrictions
>> (eg "from=").
>
> You haven't seen my long and difficult (for others) password (uppercase,
> lowercase, and digits). It is unlikely ever to succumb to brute
> force. :-)

Ah, no. Where can you log in as root from? If it's anywhere outside the
intranet, bad, bad, bad. Thre's been reports that the serious encryption
keys can be cracked in a very short time, thanks to an account on Amazon's
cloud. Here at work, you can only log in as root *from* *the* *console*;
anything else, it's either via ssh keys, or as yourself, then sudo (or
sudo -s).

When I have more than one machine at home, I *only* allow ssh from the
internal net, and *never* from outside.

        mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux