Re: ssh problems with {master,va}.debian.org???
Michael Stone <mstone@debian.org> writes:
> You may want to make it more difficult for someone to get *any* info
> about your ssh. If you enable access from only certain hosts via
> wrappers, you won't be advertising your ssh version and protocol number,
> and would be making it harder to launch an attack on the daemon.
For master, this is probably irrelevant. The ssh version running is
probably in the last 3 versions that were in the debian archive, no?
Having ssh open also allows scanning for usernames, which is also not
a big concern on master.
I don't think PARANOID gains much here.
--
Robbe
Reply to: