simple question about a "rule"

Warren Togami warren at togami.com
Wed Jun 27 01:26:46 PDT 2001


Cracking your machine with only SSH would be very difficult to nearly
impossible without knowing your passwords.  OpenSSH itself is perhaps the
safest thing you can run, but if you want to be ultra paranoid try these
tips.

* Disable root login in the sshd configuration.  You shouldn't log in as root
anyway.  (Yes, I'm a stupid hypocrite.)  Log in as an unprivileged user, and
su or sudo if needed.
* Use secure passwords.  Mix upper and lower case, numbers and symbols and
DO NOT USE DICTIONARY WORDS.
* Use iptables and disallow all port 22 connections unless they come from
hosts that you specify.
* OR if you don't ever need to log in remotely, just turn off the SSH daemon.
Can't crack a machine that is off.

----- Original Message -----
From: "dave" <d.eason at home.com>
To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
Sent: Tuesday, June 26, 2001 9:45 PM
Subject: [luau] Re: simple question about a "rule"


> Secure or not what I want(ed) to do was prevent people from getting a
> prompt at all if they don't match a certain ip address.  2 hacks in 2
> months, I'm already paranoid, I've checked logs 15 times a day, run
> up2date every day now, it's hard work being paranoid hehe.
>
>
>
> -Dave
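
Added example, not part of the original messages: a small audit of two of the tips above (root login disabled in sshd_config, port 22 accepted only from named hosts). The function names and both sample inputs are constructed for illustration, and the firewall check is simplified: it reads only INPUT rules that name --dport 22 in iptables-save output.

```shell
#!/bin/sh
# Added example: audits two of the settings suggested above.
# Both inputs are constructed samples; 192.0.2.10 is a documentation address.
SSHD_SAMPLE='# sshd_config (constructed)
Port 22
permitrootlogin no
PermitRootLogin yes
Match User backup
    PermitRootLogin yes'

FW_SAMPLE='*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j DROP
COMMIT'

# Global PermitRootLogin value from sshd_config text on stdin.
# sshd keeps the first value it reads for a keyword, keywords are
# case-insensitive, and the global section ends at the first "Match".
root_login_setting() {
  awk 'tolower($1) == "match" { exit }
       tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
       END { if (!found) print "unset" }'
}

# Port 22 exposure from iptables-save text on stdin: "open" or "restricted".
# Simplified (assumption): only INPUT rules that name --dport 22 are read.
ssh_port_exposure() {
  awk '/^:INPUT / { policy = $2 }
       /^-A INPUT / && / --dport 22 / {
         src = ($0 ~ / -s /)
         # An ACCEPT with no source filter, reached before any blanket DROP
         if (/ -j ACCEPT/ && !src && !closed) open = 1
         if (/ -j (DROP|REJECT)/ && !src) closed = 1
       }
       END {
         if (!open && (closed || policy == "DROP")) print "restricted"
         else print "open"
       }'
}

printf 'PermitRootLogin: %s\n' "$(printf '%s\n' "$SSHD_SAMPLE" | root_login_setting)"
printf 'port 22: %s\n' "$(printf '%s\n' "$FW_SAMPLE" | ssh_port_exposure)"
```

On a live host the same functions can be fed the real sshd_config and the output of iptables-save in place of the samples.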


