Date: Mon, 22 Jun 2009 21:16:35 -0400 From: Daniel Underwood <djuatdelta@gmail.com> To: freebsd-questions@freebsd.org Subject: Best practices for securing SSH server Message-ID: <b6c05a470906221816l4001b92cu82270632440ee8a@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
On a BSD box at work (at an extremely fast connection and static IP), I run an SSH server. I am the only person who uses the server, but I use it from some locations that are behind a dynamic IP (so I can't set pf rules to filter by IP). I will always, however, use the same laptop to connect to the server. Due to the speed and location of the connection, it's a relatively high-risk target. What are some good practices for securing this SSH server. Is using a stored key safer than a password in this instance? I have no experience with port-knocking, but I'd appreciate some tips or suggested beginning references... I welcome any and all advice. Note: I do require X11 forwarding (not sure whether that's relevant information) TIA, Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b6c05a470906221816l4001b92cu82270632440ee8a>