Vincent Danen grabbed a keyboard and wrote:
>
> My suggestions: Disable FTP. Use scp or sftp. Protocol2 is a good
> start, but enforce key-based logins only (ie. disable password
> authentication). This way no one can attempt to brute force your
> system, they have to have a key, and know it's passphrase, in order to
> get in.
>
> That's how I have my systems setup. I find it a lot more reliable.
> And putty, for instance, can do both keys and scp (although I'm not
> sure if it can do V2 keys with the latest versions of openssh, it may
> only be able to do V1).
Ooooh, that sounds promising. I'll have to look into that. Is it
particularly hard to make sure that your key is available to those you want
to access the system?
I presume that even with the system key, they *do* still have to login as
themselves, right? :-)
--Dave
--
David Guntner GEnie: Just say NO!
http://www.akaMail.com/pgpkey/davidg or key server
for PGP Public key
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
