1 |
On 29 Dec 2005, at 23:18, Grant wrote: |
2 |
> |
3 |
> Also, what should I do about securing ssh? I'm using a high port |
4 |
> number. Is there other special configuration I should be using? I'm |
5 |
> using the standard sshd_config except for the high port number |
6 |
> specification. |
7 |
|
8 |
Using a high port number isn't terribly helpful - it's just security |
9 |
through obscurity and if someone were to port-scan you with all |
10 |
nmap's options turned on they'd surely figure out you were running |
11 |
ssh on that port. |
12 |
|
13 |
Since SSH is encrypted there's not much you need to do to secure it. |
14 |
I disable root logins via ssh with "PermitRootLogin no" to save the |
15 |
password of one known account from being guessable or brute forced. |
16 |
If you want to be paranoid you can restrict logins to known keys, I |
17 |
think. A but of homework will tell you more about that - I usually |
18 |
just add known secure machines to ~/.ssh/authorized_keys2 to save me |
19 |
typing a password when shelling around my LAN & stuff. |
20 |
|
21 |
Stroller. |
22 |
-- |
23 |
gentoo-user@g.o mailing list |