Re: SSH Cracking Attempts
On Fri, Oct 01, 2004 at 07:55:09PM -0400, Ralph Katz wrote:
> Date: Fri, 01 Oct 2004 19:55:09 -0400
> From: Ralph Katz <firstname.lastname@example.org>
> To: email@example.com
> Subject: Re: SSH Cracking Attempts
> On 10/01/04 03:30, Alexei Chetroi wrote:
> > If you are desktop user, do you really need ssh access from
> >everywhere? If you need access to your machine from home, for example,
> >define IP range of your ISP in /etc/hosts.allow for ssh or shutdown sshd
> Linux, with cool features like ssh, really spoils one! No, I don't need
> it from everywhere, but my roving laptop users login from varying
> locations. Since one of them provides my tech support on the rare
> occasion when I need it, ssh is a nice feature to enable.
Ok, if there're many locations, it could be difficuilt to update
hosts.allow. (IMHO maintaining access to ssh from specific hosts/nets, is
far better than allowing it from everywhere in case there's an unknown
remote exploit in sshd).
In case there're no many users on your machine, make sure their
passwords are strong enough, so it couldn't be guessed. Or disallow
password login, leaving only key based authentication. Or run sshd on
port different from 22, I don't think those scaners scans entire port
range for ssh.