[Wylug-help] Security log message
Andrew J Cole
ajcole at ajcole.org
Mon Mar 10 14:54:23 GMT 2008
>On 10 Mar 2008, at 10:30, James Holden wrote:
>> On Mon, Mar 10, 2008 at 08:27:00AM +0000, John Hodrien wrote:
>>> ssh certainly gets a pounding from brute force attempts. That was
>>> why I was tempted by rate limiting it.
>>
>> It certainly does. I tend to run SSH on unconventional ports because
>> of
>> this. I see lots and lots of dictionary attacks.
>
>
>I tend not to bother. Instead I always configure ssh to accept key
>based authentication only - no passwords at all.
A two factor login (key + password) would be considerably safer should
you happen to loose your key!
Andrew
More information about the Wylug-help
mailing list