Date: Wed, 18 May 2005 15:56:41 -0500 From: Kirk Strauser <kirk@strauser.com> To: freebsd-questions@freebsd.org Subject: Re: illegal user root user failed login attempts Message-ID: <200505181556.44648.kirk@strauser.com> In-Reply-To: <C993D184-EDA6-446B-96CC-59B9AFE34AC2@mac.com> References: <C993D184-EDA6-446B-96CC-59B9AFE34AC2@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart1219631.cX3ES949Zg Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday 17 May 2005 09:36, Peter Kropholler wrote: > As things stand, ssh is designed so you can't get at people's passwords > and I am leaving it alone. Focussing instead on the task of making > sure my passwords are strong, limiting AllowUsers to specific users and > trusted ip addresses, and moving ssh off port 22. Alternatively, scrap all that and force RSA authentication after disabling= =20 password login. I could give you my root password (and even my personal=20 password) and there isn't jack you can do with it because no services=20 authenticate off it; it's only useful for logging in locally. =2D-=20 Kirk Strauser --nextPart1219631.cX3ES949Zg Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iD8DBQBCi6wM5sRg+Y0CpvERAn2bAKCcFJwmCc78gShH+QyFWj8uYsNOygCfbB2h T7/33dolAACVOooc0sTbSfk= =+hkH -----END PGP SIGNATURE----- --nextPart1219631.cX3ES949Zg--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505181556.44648.kirk>