Re: OT: Safe to access SSH server from work?

To: debian-user@lists.debian.org
Subject: Re: OT: Safe to access SSH server from work?
From: George <pinkisntwell@gmail.com>
Date: Fri, 6 May 2011 01:01:56 +0300
Message-id: <[🔎] BANLkTi=qGuM0ibNXhnaSwwZFdu7D1pzR0Q@mail.gmail.com>
In-reply-to: <[🔎] 20110505214313.GK12860@wasteland.homelinux.net>
References: <[🔎] BANLkTinFavrwh5NcWFcdJCE8+M-ja5=UXw@mail.gmail.com> <[🔎] 20110505214313.GK12860@wasteland.homelinux.net>

On 5/6/11, Jochen Schulz <ml@well-adjusted.de> wrote:

> If you only allowing key-based authentication and install security
> patches in a timely manner, the risk from running a public OpenSSH
> server is low. Expect brute-force attempts to login using weak
> passwords, though. If you only allow key logins, you can ignore that.
>

What exactly is a key login? The computer that needs to be accessed is
running Windows and I have installed WinSSHD on it. I see a "DSA host
key" on its configuration screen, accompanied by an MD5 fingerprint.
When I connected to it from my Debian box I received the
aforementioned fingerprint. Is this process the "key login" you're
referring to? I'm asking because in the configuration screen of
WinSSHD there's also an indication of "No RSA host key is currently
employed". What is the difference between the two keys? Do I need to
use both of them to be safe when accessing from the Internet?

Reply to:

Follow-Ups:
- Re: OT: Safe to access SSH server from work?
  - From: Jochen Schulz <ml@well-adjusted.de>

References:
- OT: Safe to access SSH server from work?
  - From: George <pinkisntwell@gmail.com>
- Re: OT: Safe to access SSH server from work?
  - From: Jochen Schulz <ml@well-adjusted.de>

Prev by Date: Re: Re: System becomes very slow after update to squeeze 6.0.1
Next by Date: Re: OT: Safe to access SSH server from work?
Previous by thread: Re: OT: Safe to access SSH server from work?
Next by thread: Re: OT: Safe to access SSH server from work?
Index(es):
- Date
- Thread