Re: authentication failure
On Tue, Mar 13, 2007 at 10:05:24AM +0200, Andrei Popescu wrote:
> Tarek Soliman <tarek-spam@zeusmail.bounceme.net> wrote:
>
> > Do not log in as root via ssh or even allow it.
> > There are reasons why the default in Debian is PermitRootLogin no
>
> The default is "yes".
> See /usr/share/doc/openssh-server/Readme.DEBIAN.gz for the maintainers
> opinion.
>
Wow. Everything I thought I knew about security has been shattered.
It seems there are regular attempts to log in as root through ssh
though.
Having a strong password helps.
Having port-knocking or ip-banning based on so many failed attempts
helps.
Changing the port helps. (least satisfying way I think)
I think the best way is to have key-only authentication on just the list
of AllowUsers.
Feel free to correct me if I'm wrong (again)
--
Tarek
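An added example, not part of the original message: a small Python check of sshd_config text against the setup described at the end of the post (key-only authentication restricted to an AllowUsers list, no root login). The sample config, user names and function names are constructed for illustration; the check relies on sshd using the first value it obtains for a keyword, on repeated AllowUsers lines accumulating, and on Match blocks being able to override global settings.

```python
# Constructed sample config for this example, not taken from the thread.
SAMPLE_CONFIG = """\
# /etc/ssh/sshd_config (sample)
Port 22
PermitRootLogin yes
PasswordAuthentication no
passwordauthentication yes
AllowUsers alice bob@192.0.2.*
Match User backup
    PasswordAuthentication yes
"""

def parse(text):
    """Split sshd_config text into global settings and a list of Match blocks."""
    glob, blocks = {}, []
    current = glob
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        words = line.replace("=", " ", 1).split()
        key, args = words[0].lower(), words[1:]  # keywords are case-insensitive
        if key == "match":
            current = {}
            blocks.append((" ".join(args), current))
        elif key == "allowusers":
            current.setdefault(key, []).extend(args)  # repeated lines accumulate
        else:
            current.setdefault(key, args)  # first obtained value wins
    return glob, blocks

def audit(text):
    """Return findings where the config departs from key-only + AllowUsers."""
    glob, blocks = parse(text)
    value = lambda opts, key: " ".join(opts.get(key, [])).lower()
    findings = []
    if value(glob, "permitrootlogin") != "no":
        findings.append("PermitRootLogin is not explicitly 'no'")
    if value(glob, "passwordauthentication") != "no":
        findings.append("PasswordAuthentication is not explicitly 'no'")
    users = [u.split("@")[0] for u in glob.get("allowusers", [])]
    if not users:
        findings.append("no AllowUsers list")
    elif "root" in users:
        findings.append("root is in AllowUsers")
    for criteria, opts in blocks:
        if value(opts, "passwordauthentication") == "yes":
            findings.append(f"Match {criteria} re-enables passwords")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)) or "no findings")
```

The second `passwordauthentication yes` line in the sample is ignored because the earlier `no` was read first, while the Match block is reported because it overrides the global value for that user.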