[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Safe to access SSH server from work?

On Thu, May 05, 2011 at 03:46:27PM -0700, CACook@quantum-sci.com wrote:
> On Thursday 5 May, 2011 15:09:02 Brian wrote:
> > Use a strong password or ssh keys for access to the server. The question
> > is whether you trust the machine you use at work.
> 
> OK, say you -don't- trust your machine at work.  Workarounds?
> 
You could run Debian Live on a USB stick (or any other live distro,
really).  Boot your work machine with that, and you will have a trusted
machine.  Use that to ssh to your home machine.

And follow the advice that others have already given you.  Specifically,
disallow password authentication.  That is a biggie.  Even if you have a
strong password, others on your home machine may not.  As already said,
you can use AllowUsers in sshd_config to allow only specific users to
have ssh access.

I hesitate to mention this, because it will start an argument about
security through obscurity, but you can run your ssh server on a port
other than 22.  It really does nothing for security, but it will keep
your firewall logs a lot cleaner because it avoids pesky scripts that
circulate the internet, trying to brute force ssh servers.

-Rob
Reply to: