israel.garcia@xxxxxxxxxxxx wrote:
> Here is my question, I have a DataBase CentOS server working with
> about 150 users connected via ssh, so I want to set up for all users
> strongs passwords ... cut ...
In addition to the password considerations, I recommend the following.
1) Disable SSH v1 access
2) Disable all authentication, including password authentication, except public key authentication.
3) Generate all public keys with passphrases.
Alternatively, if you have either a UNIX Kerberos realm, or you are already synchronizing UNIX and ADS authentication, consider Kerberos authentication instead (e.g., one-way ADS trust, if you are are already using ADS for authentication of UNIX). Otherwise, public key would be far better than password authentication.
--
Bryan J. Smith mailto:b.j.smith@xxxxxxxx
