On Jan 25, 2008 8:43 PM, Daniel <[EMAIL PROTECTED]> wrote: > One thing I would strongly advise doing is install denyhosts or > something similar. This will prevent against ssh attacks on your > computer.
I've been happy with fail2ban. I would also suggest that you don't allow PasswordAuthentication, just PubkeyAuthentication (these are in your /etc/ssh/sshd_config file). Look for tutorials on creating your key pairs (or ask us). > > I would also use a port other than 22 so that it makes it harder to find. Just use port 22. With fail2ban and no password authentication, you are probably just as safe using the standard port and it's less hassle. Any bad person will know how to scan for whichever non-standard port you choose anyway. > > All of this is a moot point if you don't use a static ip address for > your computer. You don't need a static IP. Use dyndns or a similar service. Bryan -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/newbies
