an ssh auth. question++
Cheers to you all!
I just had a topic on another forum and there was suggested ,that the
root ssh authentification to a server could be restricted due to a
better security level,so my question is:
what is better to be used::
a root authentification to a remote server over ssh or just a user
authentifaction to this very server+ #su root and then authentificate
the root access?
What i'm wondering about , is:i'm sending in both arts of connection the
root password over ssh2 via TCP/IP , so what is the disadvantage of the
first method to the second one...
Let's say the second one makes the situation ,an intruder needs to know
at least one more account ,which is aware of the root password,so the
intruder needs in fact at least two accounts:the 'aware' user's one and
the root one;could it be , that such method will be better in regarding
ssh account scan attachs like bruteforce and so on....
what is the best way :iptables scrips and so on ,for blocking active ssh
account scans?I know about : DenyHosts script, Daemon Shield, Fail2ban,
pam_abl, sshblack,perhaps also to move ssh authentifying to another port
different than 22 ,let's say 35814...what else could be good or better
as a security suggestion?
Ok,and last one : should it be that a cryptic key athentification is
really more reliable than the normal ssh console authentification...
Thanks in advance!
Institut für Physiologie
Abteilung für Neurophysiologie