Per Jessen wrote:
Roger Oberholtzer wrote:
On Sat, 2009-10-03 at 17:27 +0200, Hans Witvliet wrote:
hence i would recommend using keys and disable all password-logins. Other suggestion, use a VPN.
My ssh access is password protected. It is not so much that someone gets in (although I keep an eye open), but rather all the attempts eat resources.
Roger, that's almost certainly the first time I've heard anyone say that - I couldn't care less about the resources wasted by ssh brute force attacks (as long as they're not actually denial-of-service), but I care a lot about anyone getting in.
/Per
I'm pretty sure you misinterpreted what Roger said. He meant that his passwords are secure enough for his purposes. All automated ssh attacks are looking for totally insanely simple passwords, like "password". -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org