On Sat, Mar 11, 2006 at 10:20:16AM -0500, David Johnston wrote:
I dealt with these attacks by only allowing PubkeyAuthentication.
# Authentication types
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
This requires you to put your public key in .ssh/authorized_keys on remote servers. Make sure it's working before you set "PasswordAuthentication no" or you will lock yourself out.
David, I really like the idea of using keys since I believe they are more resistant to being cracked, but I have one question:
If your ssh keys are in a file on a remote server, does that mean anyone who has root on that system can use them to gain access to ssh into your home system?
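
An added example, not part of the original messages: a check that an sshd_config file really enforces the key-only settings quoted above, taking into account that sshd keeps the first value it reads for each keyword. The function names `sshd_effective` and `audit_key_only` and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread). sshd keeps the FIRST value it reads
# for a keyword, so a later "PasswordAuthentication no" does not override
# an earlier "PasswordAuthentication yes".

# Print the effective global value of keyword $2 in file $1, or default $3.
sshd_effective() {
    awk -v want="$2" -v def="$3" '
        BEGIN { want = tolower(want); val = def }
        { sub(/^[ \t]+/, "") }                  # strip leading whitespace
        /^#/ || /^$/ { next }                   # skip comments and blank lines
        { n = split($0, f, /[ \t=]+/); key = tolower(f[1]) }
        key == "match" { exit }                 # global section ends at Match
        key == want && n >= 2 { val = f[2]; exit }   # first occurrence wins
        END { print val }
    ' "$1"
}

# Return 0 only if the file enforces key-only logins; print each finding.
# Each spec is keyword:expected:compiled-in-default.
audit_key_only() {
    rc=0
    for spec in PubkeyAuthentication:yes:yes PasswordAuthentication:no:yes \
                ChallengeResponseAuthentication:no:yes; do
        kw=${spec%%:*}; rest=${spec#*:}
        expect=${rest%%:*}; default=${rest#*:}
        got=$(sshd_effective "$1" "$kw" "$default")
        if [ "$got" = "$expect" ]; then
            echo "ok   $kw $got"
        else
            echo "FAIL $kw is $got, expected $expect"; rc=1
        fi
    done
    return $rc
}

# Constructed sample: the quoted block appended below an existing "yes" line.
sample=$(mktemp)
cat > "$sample" <<'EOF'
PasswordAuthentication yes
# Authentication types
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
EOF
audit_key_only "$sample" || echo "password logins are still enabled"
rm -f "$sample"
```

On a live host, `sshd -T` prints the effective configuration as sshd itself computes it, and `sshd -t` checks the file for syntax errors before a restart.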