lars wrote: > Either you > 1 configure SSH to only allow logins from certain hostnames or > IP addresses or for certain users, and/or > > 2 install a program to watch your logfiles and modify > your firewall rules dynamically according to specified > triggers, > like /usr/ports/security/denyhosts, and/or > > 3 choose strong passwords or -phrases and not care
You forgot: 4 Use SSH key based auth exclusively. Turn off all of the password stuff in sshd_config. Laugh at the poor fools trying to break in. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW
signature.asc
Description: OpenPGP digital signature