On 23 Sep 2004, at 08:11, Billy wrote:
> I've also blocked all access to port ssh (22) unless it's from my
> cable company. Everyone I know has RoadRunner, the bussiness
> connection is RR, my home is RR, all my friends are RR. Everyone else
> is blocked. Why? I don't want some guy in China hitting my boxes
> testing my passwords. If it's some guy in the RR network, it's easier
> to track down. It's also less exposure. Less is Best! The only person
> that should even be *attempting* to ssh into my systems is... me.
If "some guy in China hitting [your] boxes testing [your] passwords" is
a concern, you may want to disable password/interactive authentication
in SSH and use an authentication key instead.
man ssh-keygen for more info.
> I've also blocked all access to port ssh (22) unless it's from my
> cable company. Everyone I know has RoadRunner, the bussiness
> connection is RR, my home is RR, all my friends are RR. Everyone else
> is blocked. Why? I don't want some guy in China hitting my boxes
> testing my passwords. If it's some guy in the RR network, it's easier
> to track down. It's also less exposure. Less is Best! The only person
> that should even be *attempting* to ssh into my systems is... me.
If "some guy in China hitting [your] boxes testing [your] passwords" is
a concern, you may want to disable password/interactive authentication
in SSH and use an authentication key instead.
man ssh-keygen for more info.