On Tue, 19 Apr 2011 16:54:45 +0700 Edho P Arief wrote: > On Tue, Apr 19, 2011 at 4:33 PM, Alexander Schrijver > <alexander.schrij...@gmail.com> wrote: > > I think it's a bad idea to disable ssh login while someone is bruteforcing > > your > > account. > > > > it may be just me but I'm having problem in understanding this statement. >
They won't brute force your pubkey auth. Disable password auth and don't lock yourself out by "securing" password auth. Choose a good password for short periods before you've setup the pubkey. An interesting question is, what's more secure (ignoring physical), local console or ssh (environment etc.).
