On Sun, 2009-10-04 at 19:02 +0200, Per Jessen wrote:
John Andersen wrote:
Per Jessen wrote:
Roger Oberholtzer wrote:
On Sat, 2009-10-03 at 17:27 +0200, Hans Witvliet wrote:
hence i would recommend using keys and disable all password-logins. Other suggestion, use a VPN.
My ssh access is password protected. It is not so much that someone gets in (although I keep an eye open), but rather all the attempts eat resources.
Roger, that's almost certainly the first time I've heard anyone say that - I couldn't care less about the resources wasted by ssh brute force attacks (as long as they're not actually denial-of-service), but I care a lot about anyone getting in.
The system that allows ssh access has only a few accounts. The few passwords that exist are controlled and less than obvious. Perhaps they might be found in a Martian dictionary. And it would have to be one of the dead Martial languages you don't hear very often these days. I am not trying to be cocky or over confident. I just wanted to point out that the machine that is being attacked has little in the way of accounts with simple minded passwords. Aside from ssh, it is a web gateway to one specific internal machine, also with limited user accounts and great control over passwords. Of course, no machine is impregnable. I think I will be moving sshd to another less-obvious port. -- Roger Oberholtzer -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org