G T Smith wrote:
Bob Williams wrote:
On Thursday 27 November 2008 15:03:29 David C. Rankin wrote:
James Knott wrote: To turn off password checking, which of the following do I need to modify in sshd.config?
I am not sure this is a good idea. Just because you have moved the default port to a different value does *not* mean you should disable authentication. A more sophisticated scan is quite likely to identify that the port is open for ssh and taking security of it is not very safe (particularly if open to the outside world). All this does is protect against 'dumb' scripts causing server load issues, once the port has been identified as being used for ssh it will become open to attack again.
I didn't say turn off authentication. I suggested turning off password authentication. With SSH you can use a public/private key to log in. Without that key, no amount of password guessing will get you in, because there is no valid password. My private key appears to be over 1600 random ASCII characters, which will very difficult to guess. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org