On Dec 21, 2006, at 3:59 PM, Graham Menhennitt wrote:
Christopher Hilton wrote:
If it's at all possible switch to using public keys for
authentication
with ssh and disallow password authentication. This completely stops
the brute forcing attacks from filling up your periodic security
mail.
Are you sure about that? I only allow PublickeyAuthentication ssh2
connections but I get lots of security mail messages like:
Be sure to disallow PAM auth also. I missed that one the first time
I tried to disable interactive keyboard auth login.
