Mailinglist Archive: opensuse (1986 mails)

[Bob Williams <linux@xxxxxxxxxxxxxxxxxxxxx>]

On Friday 28 November 2008 19:12:52 James Knott wrote:
> G T Smith wrote:
> > Bob Williams wrote:
> > > On Thursday 27 November 2008 15:03:29 David C. Rankin wrote:
> > > > James Knott wrote:
> > >
> > > To turn off password checking, which of the following do I need to
> >
> > modify
> >
> > > in sshd.config?
> >
> > I am not sure this is a good idea. Just because you have moved the
> > default port to a different value does *not* mean you should disable
> > authentication. A more sophisticated scan is quite likely to identify
> > that the port is open for ssh and taking security of it is not very
> > safe (particularly if open to the outside world). All this does is
> > protect against 'dumb' scripts causing server load issues, once the
> > port has been identified as being used for ssh it will become open to
> > attack again.
>
> I didn't say turn off authentication.  I suggested turning off password
> authentication.  With SSH you can use a public/private key to log in.
> Without that key, no amount of password guessing will get you in,
> because there is no valid password.  My private key appears to be over
> 1600 random ASCII characters, which will very difficult to guess.
And I asked how to turn off password authentication. I'd still be grateful 
for an answer, guys :)

Bob
-- 
Registered Linux User #463880           FSFE Member #1300
GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E
openSUSE 11.0, Kernel 2.6.25.18-0.2-default, KDE 3.5.10
Intel Celeron 2.53GHz, 2GB DDR RAM, nVidia GeForce 7600GS
-- 
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx