On Fri, Apr 20, 2007 at 06:56:01PM -0400, Michael Olson wrote: > Adam Megacz <[EMAIL PROTECTED]> writes: > > > Michael Olson <[EMAIL PROTECTED]> writes: > >> This sounds reasonable to me. If this change is OK with docelic, then I > >> will install the denyhosts package on deleuze so that ssh script kiddies > >> are kept out -- I use it on all of the machines that I maintain. I'm > >> assuming that was the reason that we went with the nonstandard port > >> (namely: ssh kiddies). > > > > Do we need this? Hcoop already forces users to choose extremely > > strong passwords; dictionary attacks are not a concern. > > Yes, we do. Even if only for the fact that it keeps the logs clean. > I will double the default "tolerance" of denyhosts so that it is > nearly impossible for a user to lock themself out.
Then it will be flawless solution ;-) _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
