[CentOS] SSH Automatic Log-on Failure - Centos 5.5

Thu Jan 27 15:01:59 UTC 2011
m.roth at 5-cent.us <m.roth at 5-cent.us>

Always Learning wrote:
>
> On Thu, 2011-01-27 at 06:40 -0500, Stephen Harris wrote:
>> *NEVER* use password authentication for root
>> (passwords are easier to brute force 'cos people choose bad passwords).
>> Use ssh public key access for root, with appropriate restrictions
>> (eg "from=").
>
> You haven't seen my long and difficult (for others) password (uppercase,
> lowercase, and digits). It is unlikely ever to succumb to brute
> force. :-)

Ah, no. Where can you log in as root from? If it's anywhere outside the
intranet, bad, bad, bad. Thre's been reports that the serious encryption
keys can be cracked in a very short time, thanks to an account on Amazon's
cloud. Here at work, you can only log in as root *from* *the* *console*;
anything else, it's either via ssh keys, or as yourself, then sudo (or
sudo -s).

When I have more than one machine at home, I *only* allow ssh from the
internal net, and *never* from outside.

        mark