Date: Tue, 24 Oct 2006 22:11:58 -0500 From: Jonathan Horne <freebsd@dfwlp.com> To: freebsd-questions@freebsd.org Subject: Re: a simple questions about sshd and PasswordAuthentication Message-ID: <200610242211.58210.freebsd@dfwlp.com> In-Reply-To: <b34be8420610241949j3b7565d6r4742b30422a39369@mail.gmail.com> References: <f17daf040610241940g7daa4552xb62f84fd4061607a@mail.gmail.com> <b34be8420610241949j3b7565d6r4742b30422a39369@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 24 October 2006 21:49, Juha Saarinen wrote: > On 10/25/06, Jeff MacDonald <bignose@gmail.com> wrote: > > Is there anything inherintaly dangerous or wrong about enabling > > PasswordAuthentication in sshd_config ? > > > > I understand how public keys are better and everything else. And I do > > use them. I'm just curious. > > Probably not, if you have strong passwords and sensible management > policies. That said, PasswordAuthentication attracts the brute-force > crackers like flies to rotting meat, so... agreed. 3 weeks ago, i just firewalled off the port (actually, removed the nat), and now require vpn to gain access to my home network. i was repeatedly having pages and pages long nightly security emails of failed ssh attempts. not any more. if the port aint there... they cant bruteforce it! cheers, jonathan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610242211.58210.freebsd>