[Gllug] ssh brute force attacks
John Edwards
john at cornerstonelinux.co.uk
Mon Dec 8 16:25:29 UTC 2008
On Mon, Dec 08, 2008 at 04:06:30PM +0000, Ryan Cartwright wrote:
> 2008/12/8 Anthony Newman <anthony.newman at ossified.net>:
>> Alain Williams wrote:
>>
>>> What other means do you use to increase ssh security ?
>> Key-only authentication. They can try all they like then :)
>
> Unless/until your keys are compromised of course. :)
No, because ssh-keygen asks you to set a passphrase.
And if you need to use passphrase-less keys for automated
logins (eg rsync transfers) then you can restrict them by
IP address.
Also running on a different port is a cheap and effective
way of reducing the automated attacks to almost nothing.
--
#---------------------------------------------------------#
| John Edwards Email: john at cornerstonelinux.co.uk |
#---------------------------------------------------------#
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20081208/32a179a4/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list