Re: SSH attacks

Subject: Re: SSH attacks

From: Nigel Kersten <email@hidden>

Date: Thu, 1 Dec 2005 09:05:44 +1100

Delivered-to: email@hidden

On 01/12/2005, at 5:36 AM, Dan Shoop wrote:

At 9:50 AM +1100 11/30/05, Nigel Kersten wrote:

On 30/11/2005, at 9:24 AM, Ken Garland wrote:

I take it that /etc/sshd_config should be considered useless then. ;)

Well no... You can always turn on root login for setting up the replicas, and then turn it off afterwards, as it's not needed anymore after that.

Same goes for password authentication.

Configure sshd to permit just access from those machines participating.

And I prefer keys over passwords any day.

Sure, but it's not like you're forced into turning off password authentication if you want to use keys.

Keys are great for when the actual authentication system has screwed up. That's saved me quite a number of times...

Nigel Kersten [Senior Technical Officer]

College of Fine Arts, University of NSW, Australia.

CRICOS Provider Code: 00098G

_______________________________________________ Do not post admin requests to the list. They will be ignored. Macos-x-server mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/macos-x-server/email@hidden This email sent to email@hidden

References:

>SSH attacks (From: Bruno Schaeffer <email@hidden>)

>Re: SSH attacks (From: Dan Shoop <email@hidden>)

>Re: SSH attacks (From: Ken Garland <email@hidden>)

>Re: SSH attacks (From: Michael J Wise <email@hidden>)

>Re: SSH attacks (From: Nigel Kersten <email@hidden>)

>Re: SSH attacks (From: Ken Garland <email@hidden>)

>Re: SSH attacks (From: Nigel Kersten <email@hidden>)

>Re: SSH attacks (From: Dan Shoop <email@hidden>)