Date: Sat, 20 Mar 2010 17:23:51 +0000 (GMT) From: Jamie Griffin <Jamie@fantomatic.co.uk> To: freebsd-questions@freebsd.org Subject: Re: securing sshd Message-ID: <201003201723.o2KHNqBd001280@fix.fantomatic.co.uk> In-Reply-To: <87wrx69b1l.fsf@upnet.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
I think on reflection I might have been a little over the top with blocking password logins and I think the point about carrying a key on a usb stick, etc, is a very good one. The reason I went with that decision is because I only expect to be logging in to the server from two locations: at home or from a computer at my university, where the public key can be kept in the accounts I use at each location. Also, there are no other users loggin into it so it won't be too much of a problem doing it this way, i hope. When I saw hundreds of failed login attemps I panicked a bit i think :-) I really like the pf option and have just set up a similar rule actually, which i think will work well because i've also got it working with spamd to greylist inbound mail, as recommended by someone on this list the other day. Really appreciate all the good advice though, thanks. Jamie
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201003201723.o2KHNqBd001280>