On Tuesday 24 October 2006 21:49, Juha Saarinen wrote: > On 10/25/06, Jeff MacDonald <[EMAIL PROTECTED]> wrote: > > Is there anything inherintaly dangerous or wrong about enabling > > PasswordAuthentication in sshd_config ? > > > > I understand how public keys are better and everything else. And I do > > use them. I'm just curious. > > Probably not, if you have strong passwords and sensible management > policies. That said, PasswordAuthentication attracts the brute-force > crackers like flies to rotting meat, so...
agreed. 3 weeks ago, i just firewalled off the port (actually, removed the nat), and now require vpn to gain access to my home network. i was repeatedly having pages and pages long nightly security emails of failed ssh attempts. not any more. if the port aint there... they cant bruteforce it! cheers, jonathan _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"