Adam Megacz <[EMAIL PROTECTED]> writes: > Michael Olson <[EMAIL PROTECTED]> writes: >> This sounds reasonable to me. If this change is OK with docelic, then I >> will install the denyhosts package on deleuze so that ssh script kiddies >> are kept out -- I use it on all of the machines that I maintain. I'm >> assuming that was the reason that we went with the nonstandard port >> (namely: ssh kiddies). > > Do we need this? Hcoop already forces users to choose extremely > strong passwords; dictionary attacks are not a concern.
Yes, we do. Even if only for the fact that it keeps the logs clean. I will double the default "tolerance" of denyhosts so that it is nearly impossible for a user to lock themself out. -- Michael Olson -- FSF Associate Member #652 -- http://www.mwolson.org/ Interests: Lisp, text markup, protocols -- Jabber: mwolson_at_hcoop.net /` |\ | | | Projects: Emacs, Muse, ERC, EMMS, Planner, ErBot, DVC |_] | \| |_| Reclaim your digital rights by eliminating DRM. See http://www.defectivebydesign.org/what_is_drm for details.
pgpWVqZG9nmRN.pgp
Description: PGP signature
_______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
