Is it safe to enable ssh logins on a machine that's
going to sit on the internet?
Is it really hackerproof?
Running some tests, I noticed that in order to log
into a remote machine, even if I don't have any keys,
it still
lets me login with a password.
Is it then any safer that just using 'rsh' to login to
machines?
And when I have no keys or configuration files on my
local machine and log into a remote machine using
ssh, it the transmission still encrypted? (Yes, it
does let me do this).
How do I limit logins from only certain IP addresses?
Do I just use it with tcp-wrappers?
I'm debating whether to enable ssh logins on a machine
that's not behind a firewall. Just plain sitting out
there on the internet just waiting for someone to hack
in.
Any comments suggestions on making logins more secure?
Thanks
_____________________________________________________________
Do You Yahoo!?
Free instant messaging and more at http://messenger.yahoo.com
