Bob Williams wrote:
On Friday 28 November 2008 19:12:52 James Knott wrote:
G T Smith wrote:
Bob Williams wrote:
On Thursday 27 November 2008 15:03:29 David C. Rankin wrote:
James Knott wrote:
To turn off password checking, which of the following do I need to
modify
in sshd.config?
I am not sure this is a good idea. Just because you have moved the default port to a different value does *not* mean you should disable authentication. A more sophisticated scan is quite likely to identify that the port is open for ssh and taking security of it is not very safe (particularly if open to the outside world). All this does is protect against 'dumb' scripts causing server load issues, once the port has been identified as being used for ssh it will become open to attack again.
I didn't say turn off authentication. I suggested turning off password authentication. With SSH you can use a public/private key to log in. Without that key, no amount of password guessing will get you in, because there is no valid password. My private key appears to be over 1600 random ASCII characters, which will very difficult to guess.
And I asked how to turn off password authentication. I'd still be grateful for an answer, guys :)
Bob
Here's what I have on my firewall: # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no #PermitEmptyPasswords no -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org