[CentOS] Re: Ideas for stopping ssh brute force attacks
Tony Mountifield
tony at softins.clara.co.uk
Tue Jul 22 15:48:07 UTC 2008
In article <c077d2020807220540u6ecbaa30tc3409678737dc74e at mail.gmail.com>,
Michael Semcheski <mhsemcheski at gmail.com> wrote:
>
> How do you get the keys to the server the first time after they're
> generated? Its kind of the chicken and an egg problem without the
> password authentication -- that's why I still have passwords turned on
> (but require __very__ strong passwords.)
I start off with password authentication enabled, then scp my authorized_keys
file to the server, check my keys work, and then disable passwords in sshd.
Cheers
Tony
--
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org
More information about the CentOS
mailing list