[CentOS] sshd hack
Jeff Kinz
jkinz at kinz.org
Sat Mar 11 16:27:53 UTC 2006
On Sat, Mar 11, 2006 at 10:20:16AM -0500, David Johnston wrote:
> I dealt with these attacks by only allowing PubkeyAuthentication.
>
> # Authentication types
> PubkeyAuthentication yes
> AuthorizedKeysFile .ssh/authorized_keys
> PasswordAuthentication no
> ChallengeResponseAuthentication no
>
> This requires you to put your public key in .ssh/authorized_keys on
> remote servers. Make sure it's working before you set
> "PasswordAuthentication no" or you will lock yourself out.
David, I really like the idea of using keys since I believe they are more
resistant to being cracked, but I have one question:
If your ssh keys are in a file on a remote server, does that mean anyone
who has root on that system can use them to gain access to ssh into your home
system?
--
Jeff Kinz, Emergent Research, Hudson, MA.
speech recognition software may have been used to create this e-mail
Rumsfeld tells Bush, "3 Brazilian soldiers were killed in Iraq today."
"Oh my Lord". says Bush. He sits with his head in his hands
for a long minute and then looks up and asks: "How many is a brazillion?
ba-da bing!
(Thank you, I'll be here all week, try the veal :-)
More information about the CentOS
mailing list