sshd hack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Sat, Mar 11, 2006 at 10:20:16AM -0500, David Johnston wrote:
> I dealt with these attacks by only allowing PubkeyAuthentication.
> 
>  # Authentication types
> PubkeyAuthentication yes
> AuthorizedKeysFile      .ssh/authorized_keys
> PasswordAuthentication no
> ChallengeResponseAuthentication no
> 
> This requires you to put your public key in .ssh/authorized_keys on
> remote servers.  Make sure it's working before you set
> "PasswordAuthentication no" or you will lock yourself out.

David, I really like the idea of using keys since I believe they are more
resistant to being cracked, but I have one question:

If your ssh keys are in a file on a remote server, does that mean anyone
who has root on that system can use them to gain access to ssh into your home
system?




-- 
Jeff Kinz, Emergent Research, Hudson, MA.
speech recognition software may have been used to create this e-mail

Rumsfeld tells Bush, "3 Brazilian soldiers were killed in Iraq today."
  "Oh my Lord". says Bush. He sits with his head in his hands
for a long minute and then looks up and asks: "How many is a brazillion?

	            ba-da bing! 
   (Thank you, I'll be here all week, try the veal :-)

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux