[GLLUG] Maybe OT - Fail2ban and what triggers it
Nix
nix at esperi.org.uk
Tue Mar 19 01:30:58 UTC 2013
On 18 Mar 2013, Mike Brodbelt told this:
> If there is a problem with SSH security, it's that passwords chosen by
> users are typically poor, and involve far less entropy than you would
> want. If you want to secure SSH better, remove password auth from the
> chain, and use a 2048 bit DSA key
DSA is generally considered to have no compelling advantages over RSA,
and one great big flaming disadvantage: if you ever once use a bad RNG
with it, you compromise your private key. (I still have a DSA SSH key
myself on a couple of systems: I should change them.)
--
NULL && (void)
More information about the GLLUG
mailing list