[CentOS] Securing SSH

Wed Mar 26 12:03:48 UTC 2008
Robert Spangler <mlists at zoominternet.net>

On Wednesday 26 March 2008 07:31, Kai Schaetzl wrote:

>  > The idea of only allowing for strict ip address is good but what if you
>  > are on the move?
>
>  If you have a static IP address, this is not a problem. You VPN into your
> home LAN and from there to the restricted machine.

If you are going to use VPN then why not setup your remote site to use VPN and 
bypass SSH altogether then?

We could go on for day here with the arguments and counter-arguments.  The 
point is everyone is going to do what they find best for them.  What works 
for one might not for another.

Bottom line is if you want to be secure don't use passwords for login.  If you 
must then make them as hard to crack as possible.  The problem with this is 
people will tend to write them down if they are too hard to remember.


-- 

Regards
Robert

Smile... it increases your face value!
Linux User #296285
http://counter.li.org