[CentOS] sshd hack

Jeff Kinz jkinz at kinz.org
Sat Mar 11 16:27:53 UTC 2006

On Sat, Mar 11, 2006 at 10:20:16AM -0500, David Johnston wrote:
> I dealt with these attacks by only allowing PubkeyAuthentication.
>  # Authentication types
> PubkeyAuthentication yes
> AuthorizedKeysFile      .ssh/authorized_keys
> PasswordAuthentication no
> ChallengeResponseAuthentication no
> This requires you to put your public key in .ssh/authorized_keys on
> remote servers.  Make sure it's working before you set
> "PasswordAuthentication no" or you will lock yourself out.

David, I really like the idea of using keys since I believe they are more
resistant to being cracked, but I have one question:

If your ssh keys are in a file on a remote server, does that mean anyone
who has root on that system can use them to gain access to ssh into your home

Jeff Kinz, Emergent Research, Hudson, MA.
speech recognition software may have been used to create this e-mail

Rumsfeld tells Bush, "3 Brazilian soldiers were killed in Iraq today."
  "Oh my Lord," says Bush. He sits with his head in his hands
for a long minute and then looks up and asks: "How many is a brazillion?"

	            ba-da bing! 
   (Thank you, I'll be here all week, try the veal :-)
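
Added example, not part of the original message: a shell check that reads the global section of an sshd_config and reports whether the key-only setup quoted above is actually in effect, including the case where an earlier `PasswordAuthentication yes` shadows a `no` added later in the file. The function names, the sample files, and the assumed defaults of "yes" for all three keywords are assumptions of this example.

```shell
# Added example (not from the thread). Assumes whitespace-separated
# "Keyword value" lines and a default of "yes" for each keyword checked.

# pubkey_only FILE: print effective values; return 0 only for key-only login.
pubkey_only() {
    awk '
    BEGIN {
        eff["pubkeyauthentication"] = "yes"               # assumed defaults
        eff["passwordauthentication"] = "yes"
        eff["challengeresponseauthentication"] = "yes"
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }       # comments and blank lines
    tolower($1) == "match" { exit }         # global section ends here
    {
        k = tolower($1)
        # sshd keeps the first value it reads for a keyword; later lines lose.
        if ((k in eff) && !(k in seen)) { eff[k] = tolower($2); seen[k] = 1 }
    }
    END {
        for (k in eff) print k, eff[k]
        ok = eff["pubkeyauthentication"] == "yes" &&
             eff["passwordauthentication"] == "no" &&
             eff["challengeresponseauthentication"] == "no"
        exit !ok
    }' "$1"
}

# make_samples DIR: write two constructed configs for the demo.
make_samples() {
    printf '%s\n' '# Authentication types' 'PubkeyAuthentication yes' \
        'AuthorizedKeysFile      .ssh/authorized_keys' \
        'PasswordAuthentication no' \
        'ChallengeResponseAuthentication no' > "$1/keyonly"
    # An earlier "yes" left in place shadows the "no" appended at the end.
    printf '%s\n' 'PasswordAuthentication yes' 'PubkeyAuthentication yes' \
        'ChallengeResponseAuthentication no' \
        'PasswordAuthentication no' > "$1/shadowed"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for f in keyonly shadowed; do
    if pubkey_only "$demo_dir/$f" >/dev/null; then echo "$f: key-only"
    else echo "$f: not key-only"; fi
done
rm -rf "$demo_dir"
```

Run it against the real file before restarting sshd, and keep an existing session open until a fresh key-based login has succeeded.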
