Re: Remote administration of a server
Once again,
RSA auth for SSH works well, since there is no password a dictionary attack
won't work, make the key a 1024 bit or 2048 bit ket and it'll take an
extreme amount of time for any would be intruder to get past this. Of course
you'll need to get the public key to yourself when you change keys, which
should happen on a regular basis, as would password changes. Getting the key
to yourself is relatively easy too, it can be copied through SCP to your
workstation and into the relevant file in your home (unix) or in the dir
where your ssh client lives (windows)
----- Original Message -----
From: Mitja Podreka
To: debian-user@lists.debian.org
Sent: Friday, June 17, 2005 10:05 AM
Subject: Re: Remote administration of a server
Steve Garcia wrote:
You're pretty much correct -- the only really big problem is if
something gets so wedged that you have to hit the reset button. If
there is someone you can call to ask them to hit the button for you, you
can handle everything else remotely with no trouble.
I will have people who can press reset button for me. This is not a
problem.
If you have a fixed IP in China, it would be a good idea to
restrict ssh access to the server so that only that IP can connect.
I have ADSL connection without fixed IP, can I then set some kind of IP
net mask to restrict access from other IP?
----------------------
Mitja Podreka
http://mitja.kizej.net
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: