Tim, The important ones, imho -- 1. disallow root login 2. disallow password authentication (use keys, as someone else has described) 3. prevent multiple failed attempts using iptables: # Log and block repeated attempts to access SSH # See /proc/net/ipt_recent file for low-level data # Block attempts to access SSH if 4 or more attempts made in the last 60 secs -A RH-Firewall-1-INPUT -p tcp --syn --dport 22 -m recent --name sshattack --set -A RH-Firewall-1-INPUT -p tcp --dport 22 --syn -m recent --name sshattack --rcheck --seconds 60 --hitcount 4 -j LOG --log-prefix "SSH REJECT: " -A RH-Firewall-1-INPUT -p tcp --dport 22 --syn -m recent --name sshattack --rcheck --seconds 60 --hitcount 4 -j REJECT 4. if possible, limit ssh access to your static ip. That all seems reasonably secure to me! Liam Tim Alberts wrote: > So I setup ssh on a server so I could do some work from home and I > think the second I opened it every sorry monkey from around the world > has been trying every account name imaginable to get into the system. > > What's a good way to deal with this? > > _______________________________________________ > CentOS mailing list > CentOS@xxxxxxxxxx > http://lists.centos.org/mailman/listinfo/centos > -- Liam Kirsher PGP: http://liam.numenet.com/pgp/ _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos