[CentOS] Securing SSH

Kai Schaetzl maillists at conactive.com
Wed Mar 26 14:00:21 UTC 2008


Robert Spangler wrote on Wed, 26 Mar 2008 08:03:48 -0400:

> If you are going to use VPN then why not setup your remote site to use VPN and 
> bypass SSH altogether then?

There could be several reasons, for instance:
1. SSH is all what is necessary
2. it's probably easier to have *one* VPN and then be able to ssh to dozens of 
other machines instead of setting up VPN on all of them and running several VPN 
tunnels at once

> Bottom line is if you want to be secure don't use passwords for login.

Still doesn't stop those brute-force attacks. It just makes them fail. That's the 
point about moving port etc., not the security.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com






More information about the CentOS mailing list