[CentOS] Failed attempts
Peter Eckel
lists at eckel-edv.deTue Nov 28 10:55:44 UTC 2017
- Previous message: [CentOS] Failed attempts
- Next message: [CentOS] Failed attempts
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Valeri, > Good luck! Use strong passwords (passphrase I call it when I talk to my > users), especially for root account. if possible: Do not use passwords at all. Disable password login, and replace by SSH private/public key authentication, and, again if possible, with OTP (two factor authentication) on top. All the other hints (disallow root access via SSH, use strong passwords, port knocking, different ports etc.) just put the hurdle a bit higher but do not solve the underlying problem: Password authentication is weak by design, as it relies on the well-behaviour of users. Don't restrict their passwords and they'll use simple ore easily-guessible ones. Restrict them and they will write them down. Cheers, Pete.
- Previous message: [CentOS] Failed attempts
- Next message: [CentOS] Failed attempts
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list