On Wed, Nov 30, 2011 at 12:42 PM, Rob Kampen <rkampen at kampensonline.com> wrote: > >> I've always wondered why something as complex as sshd doesn't do >> anything to protect you from the simplest form of attack - like >> rate-limiting failed attempts. >> >> > > Passwords?? Why? Because they are there and enabled by default... > Remote root login via ssh?? Why? Because that is necessary (or a way to escalate to root) to do anything useful like backups or remote administration. > This is why they invented cyphers and rsa and 3des etc - use these and it > makes it MUCH harder for the black hackers. Sure, but you could just use a separate VPN to get in if you want to make things complicated. Ssh is mostly about being able to log in. -- Les Mikesell lesmikesell at gmail.com