[CentOS] Server Hacked: Cpanel
William L. Maltby
BillsCentOS at triad.rr.com
Wed Aug 9 17:15:29 UTC 2006
On Wed, 2006-08-09 at 14:01 -0300, Rodrigo Barbosa wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, Aug 09, 2006 at 12:40:17PM -0400, Chris Mauritz wrote:
> ><snip>
> I have been using one One Time Password method or another to allow my
> users to have ssh access to their areas these days. Works great,
> as long as they are new users. Old users might complain if you
> make things "more difficult" for them.
As you know, I've never been afraid of exposing my ignorance. So, a Q.
From rom my reading learning to use SSH and such I saw recommendations that
login/password not be allowed where possible. So I did the public key
things and exported them around my little nichework. My theory being
that it is harder to get in and compromise things if there is no
login/password pair for someone to "snoop".
My question is: is there a scenario where the public key based solution
is just totally inappropriate? Am I overrating the value of going
"passwordless"?
I'm also using an IPCop firewall w/no access from the 'net for now. But
if/when I "open 'er up" a little, I would like to believe I'm doing the
best job I can.
> Rodrigo Barbosa
> <snip sig stuff>
TIA
--
Bill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20060809/bd28895a/attachment.sig>
More information about the CentOS
mailing list