[ntp:hackers] UDel security

Mark Martinec Mark.Martinec at ijs.si
Thu May 12 10:26:22 PDT 2005


> From my point of view as a developer, as long as I can SSH into pogo
> as necessary that's fine. I usually SSH to pogo before I go anywhere
> else anyway. This sounds like a good choice.

Due to increased number of password guessing attempts over ssh seen in
recent months, we (at our institute) now only allow ssh logins through
DSA or RSA keys, no longer by passwords. Also the ssh protocol version 1
is to be disabled, it has known weaknesses. After some grace period,
PasswordAuthentication should be set to no in sshd_config.

  Mark



More information about the hackers mailing list