[CentOS] phpmyadmin location
Tilman Schmidt
t.schmidt at phoenixsoftware.de
Thu Apr 18 16:30:24 UTC 2013
Am 18.04.2013 08:44, schrieb Arun Khan:
> On Thu, Apr 18, 2013 at 8:14 AM, SilverTip257 <silvertip257 at gmail.com> wrote:
>
>> But at the same time it's not prudent to allow anyone access to a service
>> (host/port/page/whatever) when they have no need to.
>>
>> Perfect example being people who let SSH open to the world on production
>> boxes and do little to nothing to protect it.
>
> How do you handle the ACL when multiple users need the ssh access?
>
> Use case scenario, I have setup CentOS based LAMP servers [...] the web
> developers who keep making changes (per client request) need sftp
> access to the boxen; their respective ISP service, provide only
> dynamic IPs (or charge extra which the freelancer will not pay for)
>
> At the moment, I have had to leave it open with fail2ban monitoring
> the ssh port.
ACLs won't cut it in that scenario, but limiting SSH to public key
authentication (ie. disabling password authentication) and disabling
direct root login should be sufficiently secure.
HTH
T.
--
Tilman Schmidt
Phoenix Software GmbH
Bonn, Germany
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20130418/1cfe1dc6/attachment.sig>
More information about the CentOS
mailing list