[CentOS] Re: Securing SSH

Tue Mar 25 19:18:28 UTC 2008
Scott Silva <ssilva at sgvwater.com>

on 3-25-2008 11:46 AM Rudi Ahlers spake the following:
> John R Pierce wrote:
>> Rudi Ahlers wrote:
>>> Tim Alberts wrote:
>>>> ... sounds great for getting around a remote dynamic IP address, but 
>>>> some more authentication/security on that web page is necessary, 
>>>> otherwise, anyone who finds that web page is given access?
>>>>
>>>> _______________________________________________
>>>>
>>> Why?
>>> What is on that site which is very specific to the setup?
>>>
>>
>>
>> he's referring to YOUR controlling webpage, which they refer to as 
>> my-sshd-access.php there.
>>
>>
>> _______________________________________________
>>
> aah ok.
> But that's something he should either not use if necessary, or rather 
> secure with a .htaccess password.
> 
Or just hide it and not name it "my-sshd-access.php". It is difficult to find 
a web page you don't know exists if directory listing is off.

-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20080325/fc3747eb/attachment-0005.sig>