| 1 |
On 29 Dec 2005, at 23:18, Grant wrote: |
| 2 |
> |
| 3 |
> Also, what should I do about securing ssh? I'm using a high port |
| 4 |
> number. Is there other special configuration I should be using? I'm |
| 5 |
> using the standard sshd_config except for the high port number |
| 6 |
> specification. |
| 7 |
|
| 8 |
Using a high port number isn't terribly helpful - it's just security |
| 9 |
through obscurity and if someone were to port-scan you with all |
| 10 |
nmap's options turned on they'd surely figure out you were running |
| 11 |
ssh on that port. |
| 12 |
|
| 13 |
Since SSH is encrypted there's not much you need to do to secure it. |
| 14 |
I disable root logins via ssh with "PermitRootLogin no" to save the |
| 15 |
password of one known account from being guessable or brute forced. |
| 16 |
If you want to be paranoid you can restrict logins to known keys, I |
| 17 |
think. A but of homework will tell you more about that - I usually |
| 18 |
just add known secure machines to ~/.ssh/authorized_keys2 to save me |
| 19 |
typing a password when shelling around my LAN & stuff. |
| 20 |
|
| 21 |
Stroller. |
| 22 |
-- |
| 23 |
gentoo-user@g.o mailing list |
Archives