Re: Things I Don't Understand About Debian
Hi,
On Thu, Feb 24, 2011 at 07:25:39AM -0700, Aaron Toponce wrote:
> On Thu, Feb 24, 2011 at 10:18:20AM +0100, Klistvud wrote:
> > 4. The sshd daemon allows root logins by default.
>
> Oh brother. The ssh daemon also allows logins via passwords. I assume
> you think this is less secure as well, as ssh keys should be the
> preferred method. We should also change the port off 22 to something
> like 31867, right?
>
> Security by obscurity my friend. Security by obscurity.
Some time, well thought "security by obscurity" may be a good idea.
I do not bother disabling root login but I may put "knockd" to prevent
chance of DOS attack or brute force break-ins.
> --
> . o . o . o . . o o . . . o .
> . . o . o o o . o . o o . . o
> o o o . o . . o o o o . o o o
Reply to: