Neal Murphy said: > The point is to obscure the ssh server from everyone, including those who > are authorized to access it remotely.
You're right, this is just the old idea of "security by obscurity". > The point is to reduce brute-forace attacks to the point of nearly total > ineffectiveness. The point is to require a small amount of > pre-authentication before the server acknowledges the client's attempt > to connect. How small can any _reliable_ authentication protocol be? Either it's at risk by brute-force or by denial-of-service. Michel -- $ rpm -q --whatrequires linux no package requires linux -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
