On Sat, 2009-10-03 at 17:16 +0200, Per Jessen wrote:
Per Jessen wrote:
Roger Oberholtzer wrote:
On Sat, 2009-10-03 at 08:58 -0400, Cristian Rodríguez wrote:
On 03/10/09 09:00, Roger Oberholtzer wrote:
I am not sure how to proceed.
You can't actually proceed ;-) this is an issue with any network service on planet earth, but you can protect yourself of being cracked by only using public key authentication.
I was thinking more along the lines of moving my sshd to a less known port. I access it in a controlled fashion. So, having it on a standard port is not (I think) a requirement for me. Then, our NAT could simply drop the sshd port accesses on the well-known port.
Yes, that approach actually works very well.
I've just remembered the only drawback - using rsync, scp and others who use ssh under the covers does become a little tiresome, but I think both rsync and scp have environment variables that'll set a usable default so you don't have to specify the new port all the time.
hence i would recommend using keys and disable all password-logins. Other suggestion, use a VPN. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org