Mailinglist Archive: opensuse (1986 mails)
| < Previous | Next > |
Re: [opensuse] Results of moving ssh to a high port - Zero script kiddies in a 24 hour period.
- From: Bob Williams <linux@xxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 28 Nov 2008 21:09:38 +0000
- Message-id: <200811282109.38637.linux@xxxxxxxxxxxxxxxxxxxxx>
On Friday 28 November 2008 20:19:15 James Knott wrote:
Bob
--
Registered Linux User #463880 FSFE Member #1300
GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E
openSUSE 11.0, Kernel 2.6.25.18-0.2-default, KDE 3.5.10
Intel Celeron 2.53GHz, 2GB DDR RAM, nVidia GeForce 7600GS
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Bob Williams wrote:Thanks, James.
On Friday 28 November 2008 19:12:52 James Knott wrote:
G T Smith wrote:
Bob Williams wrote:
On Thursday 27 November 2008 15:03:29 David C. Rankin wrote:
James Knott wrote:
To turn off password checking, which of the following do I need to
modify
in sshd.config?
I am not sure this is a good idea. Just because you have moved the
default port to a different value does *not* mean you should
disable authentication. A more sophisticated scan is quite likely
to identify that the port is open for ssh and taking security of it
is not very safe (particularly if open to the outside world). All
this does is protect against 'dumb' scripts causing server load
issues, once the port has been identified as being used for ssh it
will become open to attack again.
I didn't say turn off authentication. I suggested turning off
password authentication. With SSH you can use a public/private key
to log in. Without that key, no amount of password guessing will get
you in, because there is no valid password. My private key appears
to be over 1600 random ASCII characters, which will very difficult
to guess.
And I asked how to turn off password authentication. I'd still be
grateful for an answer, guys :)
Bob
Here's what I have on my firewall:
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
#PermitEmptyPasswords no
Bob
--
Registered Linux User #463880 FSFE Member #1300
GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E
openSUSE 11.0, Kernel 2.6.25.18-0.2-default, KDE 3.5.10
Intel Celeron 2.53GHz, 2GB DDR RAM, nVidia GeForce 7600GS
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |